220abc544915df246fb41fe253436c1ba9f311d087272f205e298207afd7852f | Triage

Sharing

General

Target

dea8d3825f0410f9e52269091508c83d_JaffaCakes118
Size

355KB
Sample

240913-w3p24a1erk
MD5

dea8d3825f0410f9e52269091508c83d
SHA1

42b88382c81de4f401354c872381941f415e21a2
SHA256

220abc544915df246fb41fe253436c1ba9f311d087272f205e298207afd7852f
SHA512

c0561c8ff67520217d0d65c62f8a13779d0ea15ec3557635aa6296645ef9a911ce8739b63d14c9523cb4675df7104da4ea706ec8c3701eee51ede3e756c4ef3f
SSDEEP

6144:6uJzTnKoZZ94ltCxhASZZYRQmufv37v2dj88m6Q/xq8J7LyEYjfP2XZNNNN:LJioZZ9UtCxHZuRy374IA+xq85u3cNNX

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  dea8d3825f0410f9e52269091508c83d_JaffaCakes118
- Size
  
  355KB
- MD5
  
  dea8d3825f0410f9e52269091508c83d
- SHA1
  
  42b88382c81de4f401354c872381941f415e21a2
- SHA256
  
  220abc544915df246fb41fe253436c1ba9f311d087272f205e298207afd7852f
- SHA512
  
  c0561c8ff67520217d0d65c62f8a13779d0ea15ec3557635aa6296645ef9a911ce8739b63d14c9523cb4675df7104da4ea706ec8c3701eee51ede3e756c4ef3f
- SSDEEP
  
  6144:6uJzTnKoZZ94ltCxhASZZYRQmufv37v2dj88m6Q/xq8J7LyEYjfP2XZNNNN:LJioZZ9UtCxHZuRy374IA+xq85u3cNNX
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2