9c00f1c034eeaaeaf513fd9d63c7698c7464c3592239973197a4fb5d25502d8f | Triage

Sharing

General

Target

eab46723a03c608e1ffc1794ab7b7605_JaffaCakes118
Size

68KB
Sample

240919-gkwdtstele
MD5

eab46723a03c608e1ffc1794ab7b7605
SHA1

478581483ad72631fa111472c6b24c20ae7ccf6c
SHA256

9c00f1c034eeaaeaf513fd9d63c7698c7464c3592239973197a4fb5d25502d8f
SHA512

b566cc2f3212277d9c12a99afdbb11183691044c12fdbb8d1f8ddc40e903c9295dc9508adc539b92461f864081cd33ed9df102680155bff93db128c48da1fc9b
SSDEEP

768:J3LNloe8Fvccfdg18Zg7HT2HbLdAhA/Bcb/ZZR89yExLzb5F0EAj+qneL:J7Mqcfdg+CXMbbNFpFUqqeL

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  eab46723a03c608e1ffc1794ab7b7605_JaffaCakes118
- Size
  
  68KB
- MD5
  
  eab46723a03c608e1ffc1794ab7b7605
- SHA1
  
  478581483ad72631fa111472c6b24c20ae7ccf6c
- SHA256
  
  9c00f1c034eeaaeaf513fd9d63c7698c7464c3592239973197a4fb5d25502d8f
- SHA512
  
  b566cc2f3212277d9c12a99afdbb11183691044c12fdbb8d1f8ddc40e903c9295dc9508adc539b92461f864081cd33ed9df102680155bff93db128c48da1fc9b
- SSDEEP
  
  768:J3LNloe8Fvccfdg18Zg7HT2HbLdAhA/Bcb/ZZR89yExLzb5F0EAj+qneL:J7Mqcfdg+CXMbbNFpFUqqeL
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2