a19167c5eb4ac1338105d7597d6c4fc212a0bc5acbe03fee16c99d9449c8b620 | Triage

Sharing

General

Target

eaad4d6b2d66f87160215d32100ff63b_JaffaCakes118
Size

14KB
Sample

240919-f78f8stbrj
MD5

eaad4d6b2d66f87160215d32100ff63b
SHA1

cfa86fa8d88f447fb7d0e79db9c51091ee3f7ce8
SHA256

a19167c5eb4ac1338105d7597d6c4fc212a0bc5acbe03fee16c99d9449c8b620
SHA512

216d31c397b5640cfcb6eef119b0181bde1546637c5172b8fc6b7f2d1727d0819fc03054cfc2ceac6eee293270cbe50b6cb4a6a8354a76ecca1096e639c52ad5
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhW2:hDXWipuE+K3/SSHgxc2

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  eaad4d6b2d66f87160215d32100ff63b_JaffaCakes118
- Size
  
  14KB
- MD5
  
  eaad4d6b2d66f87160215d32100ff63b
- SHA1
  
  cfa86fa8d88f447fb7d0e79db9c51091ee3f7ce8
- SHA256
  
  a19167c5eb4ac1338105d7597d6c4fc212a0bc5acbe03fee16c99d9449c8b620
- SHA512
  
  216d31c397b5640cfcb6eef119b0181bde1546637c5172b8fc6b7f2d1727d0819fc03054cfc2ceac6eee293270cbe50b6cb4a6a8354a76ecca1096e639c52ad5
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhW2:hDXWipuE+K3/SSHgxc2
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2