a71e2f7a38cb6f08ca219cb416e3003af2cfb4a05e52c398f5723d9d5b7fc42f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28664accde46696d651f6109f684254e_JaffaCakes118
Size

14KB
Sample

241009-bs4saaseqd
MD5

28664accde46696d651f6109f684254e
SHA1

43de1bb66957ea2c533a3ad1e7d16f1ea981df76
SHA256

a71e2f7a38cb6f08ca219cb416e3003af2cfb4a05e52c398f5723d9d5b7fc42f
SHA512

64148390e361af06fcea22bf9b271df70bd8efc5986d891187c8afd850b8e272e6ec9931e3fb39ca6e00e51bbd630d58dba3166d5b24ca381af03952f2a7865c
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYWmbS5:hDXWipuE+K3/SSHgxmWmbS5

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  28664accde46696d651f6109f684254e_JaffaCakes118
- Size
  
  14KB
- MD5
  
  28664accde46696d651f6109f684254e
- SHA1
  
  43de1bb66957ea2c533a3ad1e7d16f1ea981df76
- SHA256
  
  a71e2f7a38cb6f08ca219cb416e3003af2cfb4a05e52c398f5723d9d5b7fc42f
- SHA512
  
  64148390e361af06fcea22bf9b271df70bd8efc5986d891187c8afd850b8e272e6ec9931e3fb39ca6e00e51bbd630d58dba3166d5b24ca381af03952f2a7865c
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYWmbS5:hDXWipuE+K3/SSHgxmWmbS5
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2