c915c6e8b6d95781934248c2035a77c745fc1dac7072b4aac62fce5ed5bd2cac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04289b5b77534292e4a2b5469cb6ae92_JaffaCakes118
Size

14KB
Sample

241001-dn63yssalf
MD5

04289b5b77534292e4a2b5469cb6ae92
SHA1

00c63003ff7addb920796d066649a4fb375d663f
SHA256

c915c6e8b6d95781934248c2035a77c745fc1dac7072b4aac62fce5ed5bd2cac
SHA512

7bfad64115901a8db1a35a6faff5615215c8b58ef186c9e8d8fc53d68f2e14dee50e11bc8f3202e1c81906f704de9dd02a6e36ec83195e4c52e21b9fa6ece48e
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYSs:hDXWipuE+K3/SSHgxm

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  04289b5b77534292e4a2b5469cb6ae92_JaffaCakes118
- Size
  
  14KB
- MD5
  
  04289b5b77534292e4a2b5469cb6ae92
- SHA1
  
  00c63003ff7addb920796d066649a4fb375d663f
- SHA256
  
  c915c6e8b6d95781934248c2035a77c745fc1dac7072b4aac62fce5ed5bd2cac
- SHA512
  
  7bfad64115901a8db1a35a6faff5615215c8b58ef186c9e8d8fc53d68f2e14dee50e11bc8f3202e1c81906f704de9dd02a6e36ec83195e4c52e21b9fa6ece48e
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYSs:hDXWipuE+K3/SSHgxm
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2