33e06294205f8d297c05a22b8603fc753ff82abb9494da22df926e13dda607ca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d61433591ac9477e4530e2af27829372_JaffaCakes118
Size

920KB
Sample

240909-lwm9tasbmr
MD5

d61433591ac9477e4530e2af27829372
SHA1

94d373d374ab890bdf51c1618b0b0dacb7dc850e
SHA256

33e06294205f8d297c05a22b8603fc753ff82abb9494da22df926e13dda607ca
SHA512

57278264f290457187df84ee40ce1cceea739a1241d66145e53ed2543c02e7fdedc58ba19f75ca09be92d7518e894b7f2618aad8185279425e3c9cff22fa2a64
SSDEEP

12288:bs0r+edwVgkOCgKoLA0CipSjfs20nbGgbQYPL:bs0r+HFOZKoLATjE2qCgbdL

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d61433591ac9477e4530e2af27829372_JaffaCakes118
- Size
  
  920KB
- MD5
  
  d61433591ac9477e4530e2af27829372
- SHA1
  
  94d373d374ab890bdf51c1618b0b0dacb7dc850e
- SHA256
  
  33e06294205f8d297c05a22b8603fc753ff82abb9494da22df926e13dda607ca
- SHA512
  
  57278264f290457187df84ee40ce1cceea739a1241d66145e53ed2543c02e7fdedc58ba19f75ca09be92d7518e894b7f2618aad8185279425e3c9cff22fa2a64
- SSDEEP
  
  12288:bs0r+edwVgkOCgKoLA0CipSjfs20nbGgbQYPL:bs0r+HFOZKoLATjE2qCgbdL
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2