d9cd7f2c7876bc702808804c70a964ea571171133a737c657106c647a8dcf456 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2930b725c5003b01705ba06555aecbb7_JaffaCakes118
Size

29KB
Sample

241009-cxx1zavaql
MD5

2930b725c5003b01705ba06555aecbb7
SHA1

f19e80343d4776086cd6c3a7398ae968a1ff6199
SHA256

d9cd7f2c7876bc702808804c70a964ea571171133a737c657106c647a8dcf456
SHA512

a48f9ae3c2f08273643fffec6bedf8dd4b7d4b206f4e2b2ef0a308603baa978b81e15185953d2bdb515e87a5100a3beb47c8ea51a5c4a6f1ca41a6557b737857
SSDEEP

384:BJBcQ3oQ/jeO6Rj2cKfbKyVtGqJ06Mq0NM:1cqoGjeO6Rjnyjohq0NM

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2930b725c5003b01705ba06555aecbb7_JaffaCakes118
- Size
  
  29KB
- MD5
  
  2930b725c5003b01705ba06555aecbb7
- SHA1
  
  f19e80343d4776086cd6c3a7398ae968a1ff6199
- SHA256
  
  d9cd7f2c7876bc702808804c70a964ea571171133a737c657106c647a8dcf456
- SHA512
  
  a48f9ae3c2f08273643fffec6bedf8dd4b7d4b206f4e2b2ef0a308603baa978b81e15185953d2bdb515e87a5100a3beb47c8ea51a5c4a6f1ca41a6557b737857
- SSDEEP
  
  384:BJBcQ3oQ/jeO6Rj2cKfbKyVtGqJ06Mq0NM:1cqoGjeO6Rjnyjohq0NM
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2