670c6a1acf459f744e8fad284c89ed36f0da2797a7f4a53956200a38cd37c343 | Triage

Sharing

General

Target

fa3fb045e0e65395f4b710b2e7dd5ec0_JaffaCakes118
Size

171KB
Sample

240927-mnllpaybjk
MD5

fa3fb045e0e65395f4b710b2e7dd5ec0
SHA1

110141089687f1f751d1f721ae4839f8298ccb59
SHA256

670c6a1acf459f744e8fad284c89ed36f0da2797a7f4a53956200a38cd37c343
SHA512

7f5eb5b40a5aaf2b9d84351af73a06d7d7146421bbae099838d09da28db807a00870112a0841b94a26f4c2bc1614051b4db2416db94235faa36973cdc2e6d16c
SSDEEP

3072:SwjmK0lZmJEs4aBXMvkK7eyKIMZu7DMnx1pqCSozKn1WJWmowqV3k7FS:SbN5s4ameyrMZufAjJSozK1WvowqL

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  fa3fb045e0e65395f4b710b2e7dd5ec0_JaffaCakes118
- Size
  
  171KB
- MD5
  
  fa3fb045e0e65395f4b710b2e7dd5ec0
- SHA1
  
  110141089687f1f751d1f721ae4839f8298ccb59
- SHA256
  
  670c6a1acf459f744e8fad284c89ed36f0da2797a7f4a53956200a38cd37c343
- SHA512
  
  7f5eb5b40a5aaf2b9d84351af73a06d7d7146421bbae099838d09da28db807a00870112a0841b94a26f4c2bc1614051b4db2416db94235faa36973cdc2e6d16c
- SSDEEP
  
  3072:SwjmK0lZmJEs4aBXMvkK7eyKIMZu7DMnx1pqCSozKn1WJWmowqV3k7FS:SbN5s4ameyrMZufAjJSozK1WvowqL
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2