64d496782e855a16b2c397eb51f0eeeb60b5a97e82c229bde475c1c6a50655aa | Triage

Sharing

General

Target

da2fedcbd8cb7a0d9b269bc5896217b8_JaffaCakes118
Size

293KB
Sample

240911-m1ad7awdll
MD5

da2fedcbd8cb7a0d9b269bc5896217b8
SHA1

67a9b0e99169637577aeaf2dc9d30d8c7c8b5aea
SHA256

64d496782e855a16b2c397eb51f0eeeb60b5a97e82c229bde475c1c6a50655aa
SHA512

1c6eab54adbfc4b49619b68c1b2298411fe234f1d5ea1af3eee3cd851d000bcb3e1933332f96290ed1cb08573ad6aede1e77c2878b1cb16fca583df9c7b33606
SSDEEP

6144:P4lRkAehaKuqT+FtwHuMborPtdyXX635DFk+8TXBGvCDOpKPV5iya:PkWAehJuqT8M0DFj8TxGvCqpH

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  da2fedcbd8cb7a0d9b269bc5896217b8_JaffaCakes118
- Size
  
  293KB
- MD5
  
  da2fedcbd8cb7a0d9b269bc5896217b8
- SHA1
  
  67a9b0e99169637577aeaf2dc9d30d8c7c8b5aea
- SHA256
  
  64d496782e855a16b2c397eb51f0eeeb60b5a97e82c229bde475c1c6a50655aa
- SHA512
  
  1c6eab54adbfc4b49619b68c1b2298411fe234f1d5ea1af3eee3cd851d000bcb3e1933332f96290ed1cb08573ad6aede1e77c2878b1cb16fca583df9c7b33606
- SSDEEP
  
  6144:P4lRkAehaKuqT+FtwHuMborPtdyXX635DFk+8TXBGvCDOpKPV5iya:PkWAehJuqT8M0DFj8TxGvCqpH
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2