225286c75dd37cacfe9e9d95242103d87f436a3e1f685fb7de97721d4aee84d1 | Triage

Sharing

General

Target

06535f9a6ef08636280a08498e6f311d_JaffaCakes118
Size

246KB
Sample

241001-sqmveswdql
MD5

06535f9a6ef08636280a08498e6f311d
SHA1

1f68d001a65e9310e65e060f1eda0ca434b82b08
SHA256

225286c75dd37cacfe9e9d95242103d87f436a3e1f685fb7de97721d4aee84d1
SHA512

304a9596301aa6903936db291c0091fe09aea9476be2e1ca5d4cc6b4458a65a3261518f6634d70f7097bf8bf2ccf132aea3372b9c4c11e83bc365668400faf17
SSDEEP

6144:fyW81ap2jBmhZzXjd+TJ4u148m+pCNrREW40b:R8AEEzzXpX44YIlREW40

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  06535f9a6ef08636280a08498e6f311d_JaffaCakes118
- Size
  
  246KB
- MD5
  
  06535f9a6ef08636280a08498e6f311d
- SHA1
  
  1f68d001a65e9310e65e060f1eda0ca434b82b08
- SHA256
  
  225286c75dd37cacfe9e9d95242103d87f436a3e1f685fb7de97721d4aee84d1
- SHA512
  
  304a9596301aa6903936db291c0091fe09aea9476be2e1ca5d4cc6b4458a65a3261518f6634d70f7097bf8bf2ccf132aea3372b9c4c11e83bc365668400faf17
- SSDEEP
  
  6144:fyW81ap2jBmhZzXjd+TJ4u148m+pCNrREW40b:R8AEEzzXpX44YIlREW40
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2