5f0ba071d1de9d1728380fb575bb1ef031ab731062f5550b918d2665e935a1e1 | Triage

Sharing

General

Target

d3dcdc8d7ae5ed7035f0a407d15da108_JaffaCakes118
Size

5.9MB
Sample

240908-jhdgcawdrf
MD5

d3dcdc8d7ae5ed7035f0a407d15da108
SHA1

a5f0618a840060cbea18c676ec12411082dc509f
SHA256

5f0ba071d1de9d1728380fb575bb1ef031ab731062f5550b918d2665e935a1e1
SHA512

e4ea3b15643f9b0e6b6f677e7710e1f7d59b1eac7cfe25ba49d41131307e457d1df0a88cfea7b73e88a450ef573bd4074c6d3d9f996b5761629d0087d8692ea8
SSDEEP

98304:YkFnmObfZAp9YeJuY/CdAMbWolBGYrXh5l4agbGFzMaTBaHCItJA/CgBhaaFmgK:/nm6ZA5abWvUxrAgHV1gq/xBhaaF0

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  d3dcdc8d7ae5ed7035f0a407d15da108_JaffaCakes118
- Size
  
  5.9MB
- MD5
  
  d3dcdc8d7ae5ed7035f0a407d15da108
- SHA1
  
  a5f0618a840060cbea18c676ec12411082dc509f
- SHA256
  
  5f0ba071d1de9d1728380fb575bb1ef031ab731062f5550b918d2665e935a1e1
- SHA512
  
  e4ea3b15643f9b0e6b6f677e7710e1f7d59b1eac7cfe25ba49d41131307e457d1df0a88cfea7b73e88a450ef573bd4074c6d3d9f996b5761629d0087d8692ea8
- SSDEEP
  
  98304:YkFnmObfZAp9YeJuY/CdAMbWolBGYrXh5l4agbGFzMaTBaHCItJA/CgBhaaFmgK:/nm6ZA5abWvUxrAgHV1gq/xBhaaF0
Score

8^/10

discovery
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2