1718911221f1038b6e586bf23328476f315a0820a614aceacf4df6676238c883 | Triage

Sharing

General

Target

f5962d64a5fc7cfaef2a2bae65e31e8e_JaffaCakes118
Size

268KB
Sample

240925-j85zaaxgpf
MD5

f5962d64a5fc7cfaef2a2bae65e31e8e
SHA1

bec37bea360230a3b30ffc85a2faa62ae063e90b
SHA256

1718911221f1038b6e586bf23328476f315a0820a614aceacf4df6676238c883
SHA512

4d0b476ef4f9f787ab88ea23e8ccf961aa4ff1cc7b8d60b8b4dbea9a12b57051aded8b8710105402555886e3e6e29e859b876cebe76736f10b4a68b0d9563abf
SSDEEP

6144:7WXreNuCgQL0zir3dBQd130y9ZT8XrQ+mDgwkSbRUaxlePzQQG0m7iF:7SreNvBQdJ0A58XrQcwkcUaxIPzQQuO

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  f5962d64a5fc7cfaef2a2bae65e31e8e_JaffaCakes118
- Size
  
  268KB
- MD5
  
  f5962d64a5fc7cfaef2a2bae65e31e8e
- SHA1
  
  bec37bea360230a3b30ffc85a2faa62ae063e90b
- SHA256
  
  1718911221f1038b6e586bf23328476f315a0820a614aceacf4df6676238c883
- SHA512
  
  4d0b476ef4f9f787ab88ea23e8ccf961aa4ff1cc7b8d60b8b4dbea9a12b57051aded8b8710105402555886e3e6e29e859b876cebe76736f10b4a68b0d9563abf
- SSDEEP
  
  6144:7WXreNuCgQL0zir3dBQd130y9ZT8XrQ+mDgwkSbRUaxlePzQQG0m7iF:7SreNvBQdJ0A58XrQcwkcUaxIPzQQuO
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2