c5a5bf9e193db3a4fdbd9ff6774820fda4129458c45b6ea03eb0c4d21bda1f1f | Triage

Sharing

General

Target

04a6ac56418ed58ff297726d369817ac_JaffaCakes118
Size

14KB
Sample

241001-gytr6avbmp
MD5

04a6ac56418ed58ff297726d369817ac
SHA1

06d5798be725620259492c7e18adeb59c3016014
SHA256

c5a5bf9e193db3a4fdbd9ff6774820fda4129458c45b6ea03eb0c4d21bda1f1f
SHA512

bd13080a3771b90dc111e4867d5c38dadb78a98c665eea28d83d69e4b4e52bfac83f8e979b539dc694faf5af8787e86fb983d2d5f4805050e3993bf76115754a
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYq:hDXWipuE+K3/SSHgxmq

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  04a6ac56418ed58ff297726d369817ac_JaffaCakes118
- Size
  
  14KB
- MD5
  
  04a6ac56418ed58ff297726d369817ac
- SHA1
  
  06d5798be725620259492c7e18adeb59c3016014
- SHA256
  
  c5a5bf9e193db3a4fdbd9ff6774820fda4129458c45b6ea03eb0c4d21bda1f1f
- SHA512
  
  bd13080a3771b90dc111e4867d5c38dadb78a98c665eea28d83d69e4b4e52bfac83f8e979b539dc694faf5af8787e86fb983d2d5f4805050e3993bf76115754a
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYq:hDXWipuE+K3/SSHgxmq
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2