18216d83a83de5405a136f32d79d9906b85925271753984a5a824db6cb8283d6 | Triage

Sharing

General

Target

fd600ef23834b3ceb20c1200b9ba94ba_JaffaCakes118
Size

180KB
Sample

240928-3pz4ga1drk
MD5

fd600ef23834b3ceb20c1200b9ba94ba
SHA1

60b68644c61210b7b53ce841478868ed8abda6d8
SHA256

18216d83a83de5405a136f32d79d9906b85925271753984a5a824db6cb8283d6
SHA512

796b920710e7c95d310bc453419665ad95ffa54c3e1675c2c191ace8368f3c8af934268661eb341f0d028849a56d717a83b5d428f095383bbb620e7349de7d2c
SSDEEP

3072://vGHqJLx6B/CRLdhHt5GWp1icKAArDZz4N9GhbkrNEk47K0qZy:nWqA/eRBp0yN90QE

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  fd600ef23834b3ceb20c1200b9ba94ba_JaffaCakes118
- Size
  
  180KB
- MD5
  
  fd600ef23834b3ceb20c1200b9ba94ba
- SHA1
  
  60b68644c61210b7b53ce841478868ed8abda6d8
- SHA256
  
  18216d83a83de5405a136f32d79d9906b85925271753984a5a824db6cb8283d6
- SHA512
  
  796b920710e7c95d310bc453419665ad95ffa54c3e1675c2c191ace8368f3c8af934268661eb341f0d028849a56d717a83b5d428f095383bbb620e7349de7d2c
- SSDEEP
  
  3072://vGHqJLx6B/CRLdhHt5GWp1icKAArDZz4N9GhbkrNEk47K0qZy:nWqA/eRBp0yN90QE
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2