9934d7d96ac58ba897c00891f138d5cc2c1f4eed9e1898b245ccb4a1b0d8c339 | Triage

Sharing

General

Target

0312b9ccae253b4ec5c871fa6a30d524_JaffaCakes118
Size

14KB
Sample

240328-mc6sgsga93
MD5

0312b9ccae253b4ec5c871fa6a30d524
SHA1

21947fa55432c80061165fe831b9b84613169694
SHA256

9934d7d96ac58ba897c00891f138d5cc2c1f4eed9e1898b245ccb4a1b0d8c339
SHA512

82c0d7018547c0c587f12d5eb292f14e8c59595b0b0b5143e173d90cac84a2b53c903865fc53db5af6c6ec640be4928bd474000d812fe13ead0a5a706c200852
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhZXdHHuGl:hDXWipuE+K3/SSHgx3NHHvl

Score

7^/10

Malware Config

Targets

- Target
  
  0312b9ccae253b4ec5c871fa6a30d524_JaffaCakes118
- Size
  
  14KB
- MD5
  
  0312b9ccae253b4ec5c871fa6a30d524
- SHA1
  
  21947fa55432c80061165fe831b9b84613169694
- SHA256
  
  9934d7d96ac58ba897c00891f138d5cc2c1f4eed9e1898b245ccb4a1b0d8c339
- SHA512
  
  82c0d7018547c0c587f12d5eb292f14e8c59595b0b0b5143e173d90cac84a2b53c903865fc53db5af6c6ec640be4928bd474000d812fe13ead0a5a706c200852
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhZXdHHuGl:hDXWipuE+K3/SSHgx3NHHvl
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2