33243365f62724030bcee32fb4499dd7b0b8482e1bef62120b52e84cb1b8619e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d47787cf92893be66e4f298d8a2886de_JaffaCakes118
Size

14KB
Sample

240908-qp417s1arh
MD5

d47787cf92893be66e4f298d8a2886de
SHA1

6d6ab2a80863ec5812b7edecb1c103d28efaedd6
SHA256

33243365f62724030bcee32fb4499dd7b0b8482e1bef62120b52e84cb1b8619e
SHA512

4f1dbce05a8e1e2db71c07ee1681e0a1332b03f0320f0b769c732bc0a1912bb1e30e1cc21a30cf11dd7126d9ae71e352014c52b1c4d332dfe8c0f2f083f25a15
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhRs:hDXWipuE+K3/SSHgxQ

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d47787cf92893be66e4f298d8a2886de_JaffaCakes118
- Size
  
  14KB
- MD5
  
  d47787cf92893be66e4f298d8a2886de
- SHA1
  
  6d6ab2a80863ec5812b7edecb1c103d28efaedd6
- SHA256
  
  33243365f62724030bcee32fb4499dd7b0b8482e1bef62120b52e84cb1b8619e
- SHA512
  
  4f1dbce05a8e1e2db71c07ee1681e0a1332b03f0320f0b769c732bc0a1912bb1e30e1cc21a30cf11dd7126d9ae71e352014c52b1c4d332dfe8c0f2f083f25a15
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhRs:hDXWipuE+K3/SSHgxQ
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2