3216ccb20bdd16443084eda94a1a2d3a3b9678865ee4d5bea7e11153b3596580 | Triage

Sharing

General

Target

eaa1d9d3277a03351677542768d44fa3_JaffaCakes118
Size

122KB
Sample

240919-fnttqssblc
MD5

eaa1d9d3277a03351677542768d44fa3
SHA1

81764a4d7a30f9439a58576d3e5e952b145b4661
SHA256

3216ccb20bdd16443084eda94a1a2d3a3b9678865ee4d5bea7e11153b3596580
SHA512

0387785b1284861f6f9e69f281d93c050ed76e5fe453672e59dcf9745e742484a103f58fd19967571bd8912c7e508a77234c672267062de5f99732b8a4195769
SSDEEP

3072:Tb/rAt4DgAeavbMlsa8NVVde1pm//rMtBpk1By+gQM:TbTMWUavWb8N7de1pm/A3pSBu

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  eaa1d9d3277a03351677542768d44fa3_JaffaCakes118
- Size
  
  122KB
- MD5
  
  eaa1d9d3277a03351677542768d44fa3
- SHA1
  
  81764a4d7a30f9439a58576d3e5e952b145b4661
- SHA256
  
  3216ccb20bdd16443084eda94a1a2d3a3b9678865ee4d5bea7e11153b3596580
- SHA512
  
  0387785b1284861f6f9e69f281d93c050ed76e5fe453672e59dcf9745e742484a103f58fd19967571bd8912c7e508a77234c672267062de5f99732b8a4195769
- SSDEEP
  
  3072:Tb/rAt4DgAeavbMlsa8NVVde1pm//rMtBpk1By+gQM:TbTMWUavWb8N7de1pm/A3pSBu
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2