aa9aa5bdf67dc42a4f1291424a594f278840995553badf440305c1dd8095911d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5efa2fa1406b0557062d4710b25c226_JaffaCakes118
Size

9KB
Sample

240925-nvvnlstbkr
MD5

f5efa2fa1406b0557062d4710b25c226
SHA1

5bc94ef17fc17de2aa9289acdd2e8b174754572e
SHA256

aa9aa5bdf67dc42a4f1291424a594f278840995553badf440305c1dd8095911d
SHA512

69011f344a55c8407df4c76d796240090c055ba9345291170513e65336e8458a0daef17a256fabb8ca7caf8c99f5da73136a474b8ac27e8635779329625382d0
SSDEEP

96:sBSceLqQ9HuHnnwR2U12CGbcGfbkNTWOqCE07OoIOsBc4D:1R2Q9GnwR2MSrwNKOqt05/WzD

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  f5efa2fa1406b0557062d4710b25c226_JaffaCakes118
- Size
  
  9KB
- MD5
  
  f5efa2fa1406b0557062d4710b25c226
- SHA1
  
  5bc94ef17fc17de2aa9289acdd2e8b174754572e
- SHA256
  
  aa9aa5bdf67dc42a4f1291424a594f278840995553badf440305c1dd8095911d
- SHA512
  
  69011f344a55c8407df4c76d796240090c055ba9345291170513e65336e8458a0daef17a256fabb8ca7caf8c99f5da73136a474b8ac27e8635779329625382d0
- SSDEEP
  
  96:sBSceLqQ9HuHnnwR2U12CGbcGfbkNTWOqCE07OoIOsBc4D:1R2Q9GnwR2MSrwNKOqt05/WzD
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2