9f69224191a0a0ae606a46968761a8d1e9c99a6a472e02d6ab26c19a4b815229 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2966ee7e9e75133ab88d7ce7c5ee2537_JaffaCakes118
Size

14KB
Sample

241009-c7vnlawdjq
MD5

2966ee7e9e75133ab88d7ce7c5ee2537
SHA1

f5bb99f6195c448e1bbc2710c3b75044806d1645
SHA256

9f69224191a0a0ae606a46968761a8d1e9c99a6a472e02d6ab26c19a4b815229
SHA512

4d8d2c35432e489759691de59dcc133bc3ca833a1068963403cff07334aff285ad33dc21833ed7b9b596fcc781dd6c6cd15f1b5a47af8e270c1b63f91b3e030c
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY48N:hDXWipuE+K3/SSHgxmp

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2966ee7e9e75133ab88d7ce7c5ee2537_JaffaCakes118
- Size
  
  14KB
- MD5
  
  2966ee7e9e75133ab88d7ce7c5ee2537
- SHA1
  
  f5bb99f6195c448e1bbc2710c3b75044806d1645
- SHA256
  
  9f69224191a0a0ae606a46968761a8d1e9c99a6a472e02d6ab26c19a4b815229
- SHA512
  
  4d8d2c35432e489759691de59dcc133bc3ca833a1068963403cff07334aff285ad33dc21833ed7b9b596fcc781dd6c6cd15f1b5a47af8e270c1b63f91b3e030c
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY48N:hDXWipuE+K3/SSHgxmp
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2