916d053a380731b979197e1b0663f85c1c097d722377721b1ee6de114aab573d | Triage

Sharing

General

Target

f6a92e7fb686718b428bc3e7a8e38e4a_JaffaCakes118
Size

270KB
Sample

240925-xmyjzasamp
MD5

f6a92e7fb686718b428bc3e7a8e38e4a
SHA1

07b6e64f4408244eb3c0dcfdb6ac029f8eebd481
SHA256

916d053a380731b979197e1b0663f85c1c097d722377721b1ee6de114aab573d
SHA512

92356720778bc4eafd3d2015981d0a941bed3e69169603ce0a7f8c68c60135a2a0159622fb0f209b9aab9d9f10217612fd27b48f62045d8aae726ea9073177f9
SSDEEP

6144:s24RNw9jjJmlRXPdC7B6lEHenVJhNk9ewtf2/rQQjrM:s24kgd0BCnVJVwt60QjrM

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  f6a92e7fb686718b428bc3e7a8e38e4a_JaffaCakes118
- Size
  
  270KB
- MD5
  
  f6a92e7fb686718b428bc3e7a8e38e4a
- SHA1
  
  07b6e64f4408244eb3c0dcfdb6ac029f8eebd481
- SHA256
  
  916d053a380731b979197e1b0663f85c1c097d722377721b1ee6de114aab573d
- SHA512
  
  92356720778bc4eafd3d2015981d0a941bed3e69169603ce0a7f8c68c60135a2a0159622fb0f209b9aab9d9f10217612fd27b48f62045d8aae726ea9073177f9
- SSDEEP
  
  6144:s24RNw9jjJmlRXPdC7B6lEHenVJhNk9ewtf2/rQQjrM:s24kgd0BCnVJVwt60QjrM
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2