347b39efa2eb3be7a9a16ab6612bf68e34e7c069bfb2a78f0bed382d024be8ef | Triage

Sharing

General

Target

eab5167f2fc67c0c8d9ed61f300789a6_JaffaCakes118
Size

5.6MB
Sample

240919-gl353athjk
MD5

eab5167f2fc67c0c8d9ed61f300789a6
SHA1

e340a8febe8144f096b4cf62c15940d84e0dc127
SHA256

347b39efa2eb3be7a9a16ab6612bf68e34e7c069bfb2a78f0bed382d024be8ef
SHA512

a15c05fda9c899c0d6e41b2fd42728e468f86adcf6656b5e9bfcc645f4390e1f5bed4b3924cb141d221585a845bcc64d54c372fe31c6adc49a9ea7412e3cdfdd
SSDEEP

98304:J8xZ1WHMBaUDvqr8HSB6smen6EamSkyuRt8x1nAnpIDEH9TytTd6/O2:KxZEHgaUDgx1n6EH7uCxdkTd6/

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  eab5167f2fc67c0c8d9ed61f300789a6_JaffaCakes118
- Size
  
  5.6MB
- MD5
  
  eab5167f2fc67c0c8d9ed61f300789a6
- SHA1
  
  e340a8febe8144f096b4cf62c15940d84e0dc127
- SHA256
  
  347b39efa2eb3be7a9a16ab6612bf68e34e7c069bfb2a78f0bed382d024be8ef
- SHA512
  
  a15c05fda9c899c0d6e41b2fd42728e468f86adcf6656b5e9bfcc645f4390e1f5bed4b3924cb141d221585a845bcc64d54c372fe31c6adc49a9ea7412e3cdfdd
- SSDEEP
  
  98304:J8xZ1WHMBaUDvqr8HSB6smen6EamSkyuRt8x1nAnpIDEH9TytTd6/O2:KxZEHgaUDgx1n6EH7uCxdkTd6/
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2