97d34d27dbabb007f27aedf55a9c7ebea78384d4a8e6edd430d1245540b1dbb6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3aa78e29ca9b97e0245b102632638f86_JaffaCakes118
Size

742KB
Sample

241012-seflza1bnr
MD5

3aa78e29ca9b97e0245b102632638f86
SHA1

282eb33af1af10374d38c65a212cb9efd81d6288
SHA256

97d34d27dbabb007f27aedf55a9c7ebea78384d4a8e6edd430d1245540b1dbb6
SHA512

72f6c7db674769032f8c40be3d700bf7c0f32171151bfb0ead7e4592448778cb14c0c78b98858012f052fb257713a7005482a2c7df9f38874bf6186f6cb013f1
SSDEEP

12288:7XINMQg0h3FmY/w6+hb4wCXlbR1IMHCpbUsw4niFBuSZTPhy7kniEusqlhYHth3p:2g0h13w6+l4wqlb3gAQllhKthyXsZUf2

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3aa78e29ca9b97e0245b102632638f86_JaffaCakes118
- Size
  
  742KB
- MD5
  
  3aa78e29ca9b97e0245b102632638f86
- SHA1
  
  282eb33af1af10374d38c65a212cb9efd81d6288
- SHA256
  
  97d34d27dbabb007f27aedf55a9c7ebea78384d4a8e6edd430d1245540b1dbb6
- SHA512
  
  72f6c7db674769032f8c40be3d700bf7c0f32171151bfb0ead7e4592448778cb14c0c78b98858012f052fb257713a7005482a2c7df9f38874bf6186f6cb013f1
- SSDEEP
  
  12288:7XINMQg0h3FmY/w6+hb4wCXlbR1IMHCpbUsw4niFBuSZTPhy7kniEusqlhYHth3p:2g0h13w6+l4wqlb3gAQllhKthyXsZUf2
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2