1fef67b7d70caeb1c82501df1c8a49513fc5484ff9423b7a2c77fa9f8fce8f47 | Triage

Sharing

General

Target

04c2d385a9913d92739cc887cb191cbc_JaffaCakes118
Size

20KB
Sample

240328-ntsgvshc54
MD5

04c2d385a9913d92739cc887cb191cbc
SHA1

c179c965d7029e361b09a04200b9f7be3d1c1b88
SHA256

1fef67b7d70caeb1c82501df1c8a49513fc5484ff9423b7a2c77fa9f8fce8f47
SHA512

34e9a614d102bad6dbd2865d0aba7cd401893ad0b3c8137d3066ab2bb18dda1c97384482d0e8c87533c48d6db7a725f77ec7ec4dc86a91fb5bccc6f5caf4fee2
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L4kR:hDXWipuE+K3/SSHgxmHZkR

Score

7^/10

Malware Config

Targets

- Target
  
  04c2d385a9913d92739cc887cb191cbc_JaffaCakes118
- Size
  
  20KB
- MD5
  
  04c2d385a9913d92739cc887cb191cbc
- SHA1
  
  c179c965d7029e361b09a04200b9f7be3d1c1b88
- SHA256
  
  1fef67b7d70caeb1c82501df1c8a49513fc5484ff9423b7a2c77fa9f8fce8f47
- SHA512
  
  34e9a614d102bad6dbd2865d0aba7cd401893ad0b3c8137d3066ab2bb18dda1c97384482d0e8c87533c48d6db7a725f77ec7ec4dc86a91fb5bccc6f5caf4fee2
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L4kR:hDXWipuE+K3/SSHgxmHZkR
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2