abb048d5364b80ce5d375cf36020dea3d18eb79f1ff0fc8d63206f130d31e86b | Triage

Sharing

General

Target

dd5dc409ece3a0a2cd05dc9ea71b3cc0_JaffaCakes118
Size

2.3MB
Sample

240913-bbtwrawblg
MD5

dd5dc409ece3a0a2cd05dc9ea71b3cc0
SHA1

4df393b737906b86342867f68276ca4f3eaf5c7e
SHA256

abb048d5364b80ce5d375cf36020dea3d18eb79f1ff0fc8d63206f130d31e86b
SHA512

f429da925e8f0254265318345fdd6b8e2d3d546f4709eea8f556df558f9fdd54a647b1ef0e0a3841a84ca6c484ba70520bbbfeb33af6bd8402034ebcaad2af94
SSDEEP

49152:hkulX40sOnluj5mfy2GGxWqmsduPoBgmYMelJYA32W8igz:hHIIluj5N20afgmYd2hi

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  dd5dc409ece3a0a2cd05dc9ea71b3cc0_JaffaCakes118
- Size
  
  2.3MB
- MD5
  
  dd5dc409ece3a0a2cd05dc9ea71b3cc0
- SHA1
  
  4df393b737906b86342867f68276ca4f3eaf5c7e
- SHA256
  
  abb048d5364b80ce5d375cf36020dea3d18eb79f1ff0fc8d63206f130d31e86b
- SHA512
  
  f429da925e8f0254265318345fdd6b8e2d3d546f4709eea8f556df558f9fdd54a647b1ef0e0a3841a84ca6c484ba70520bbbfeb33af6bd8402034ebcaad2af94
- SSDEEP
  
  49152:hkulX40sOnluj5mfy2GGxWqmsduPoBgmYMelJYA32W8igz:hHIIluj5N20afgmYd2hi
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2