6e2d6a3a8327806264d64f3f4535d446a678d5a015f37052af43c8145cf86e5d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e093f96086f2ee1db4e07e99714df4f3_JaffaCakes118
Size

292KB
Sample

240914-t1ataatgjh
MD5

e093f96086f2ee1db4e07e99714df4f3
SHA1

83c0c4c45bccfb17c836f60ddf0659723ceb68be
SHA256

6e2d6a3a8327806264d64f3f4535d446a678d5a015f37052af43c8145cf86e5d
SHA512

50f46902801bc35c4d568fecf4d89fa5823825df0c4288601d7cb1216ee2dfc2d283b2fc77c5c91f438b456eccb252bd0fe2d7d9b77260d31b54a09810d0efdd
SSDEEP

6144:qoBD6iz9BBwwPCM9MeaOsCSP26Vh9BgODLlV98io3PXlB25LtP71cYUG/tOWm+:qoGTI33765BgCLl3u3PXTyZxcYH1Oc

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  e093f96086f2ee1db4e07e99714df4f3_JaffaCakes118
- Size
  
  292KB
- MD5
  
  e093f96086f2ee1db4e07e99714df4f3
- SHA1
  
  83c0c4c45bccfb17c836f60ddf0659723ceb68be
- SHA256
  
  6e2d6a3a8327806264d64f3f4535d446a678d5a015f37052af43c8145cf86e5d
- SHA512
  
  50f46902801bc35c4d568fecf4d89fa5823825df0c4288601d7cb1216ee2dfc2d283b2fc77c5c91f438b456eccb252bd0fe2d7d9b77260d31b54a09810d0efdd
- SSDEEP
  
  6144:qoBD6iz9BBwwPCM9MeaOsCSP26Vh9BgODLlV98io3PXlB25LtP71cYUG/tOWm+:qoGTI33765BgCLl3u3PXTyZxcYH1Oc
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2