b4aca56b71a4c62b1bb89d66b403ee0474f679460a4da66c3676c3ffd90bc27b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2decdc767d826a04b1b564670a2c4190_JaffaCakes118
Size

14KB
Sample

241009-kdmpwsyfmk
MD5

2decdc767d826a04b1b564670a2c4190
SHA1

bfb27272d3178bc01be0dd57c8ab854a0642f6d4
SHA256

b4aca56b71a4c62b1bb89d66b403ee0474f679460a4da66c3676c3ffd90bc27b
SHA512

e6a55a9dc99b52f4bc9e2e76262ed51b737265a6a6016301bd78d155a50262f6d946b503d3322f515372f5ded9d64d199c35b8bb5b6d29396994069544f2ce99
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhW:hDXWipuE+K3/SSHgx4

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2decdc767d826a04b1b564670a2c4190_JaffaCakes118
- Size
  
  14KB
- MD5
  
  2decdc767d826a04b1b564670a2c4190
- SHA1
  
  bfb27272d3178bc01be0dd57c8ab854a0642f6d4
- SHA256
  
  b4aca56b71a4c62b1bb89d66b403ee0474f679460a4da66c3676c3ffd90bc27b
- SHA512
  
  e6a55a9dc99b52f4bc9e2e76262ed51b737265a6a6016301bd78d155a50262f6d946b503d3322f515372f5ded9d64d199c35b8bb5b6d29396994069544f2ce99
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhW:hDXWipuE+K3/SSHgx4
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2