fd7a42fd9b8a3e1e6970a623d9c0e0057c37f7ff9764eab10730586716bc6fa6 | Triage

Sharing

General

Target

dfdc581b11cca8c081aea554bf7ed24b_JaffaCakes118
Size

53KB
Sample

240914-kwc86swbkl
MD5

dfdc581b11cca8c081aea554bf7ed24b
SHA1

f96b744a40694e5ad398967d874eea3dd4886a7c
SHA256

fd7a42fd9b8a3e1e6970a623d9c0e0057c37f7ff9764eab10730586716bc6fa6
SHA512

b79161eb08df69f5607702979039b5e44e587e35f1885a58d031a41de7c89b8864065a295b527c32543fdc6e0381e3605660ac1e881331b82bc46f0cb5a1c53b
SSDEEP

768:e8SAXx1gUzd9b5oY6YRxYv04BYnpMU4HBeWehgiJO2:eRAhOUzvdofYRxYv0sYnpMU4HBeWotJ9

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  dfdc581b11cca8c081aea554bf7ed24b_JaffaCakes118
- Size
  
  53KB
- MD5
  
  dfdc581b11cca8c081aea554bf7ed24b
- SHA1
  
  f96b744a40694e5ad398967d874eea3dd4886a7c
- SHA256
  
  fd7a42fd9b8a3e1e6970a623d9c0e0057c37f7ff9764eab10730586716bc6fa6
- SHA512
  
  b79161eb08df69f5607702979039b5e44e587e35f1885a58d031a41de7c89b8864065a295b527c32543fdc6e0381e3605660ac1e881331b82bc46f0cb5a1c53b
- SSDEEP
  
  768:e8SAXx1gUzd9b5oY6YRxYv04BYnpMU4HBeWehgiJO2:eRAhOUzvdofYRxYv0sYnpMU4HBeWotJ9
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2