fed5291c2443e49e70d89de0f944621a4dead8e16e023947a0f3923598aac816 | Triage

Sharing

General

Target

06e931b42b33ab3a95c666b5fc2ae6fa_JaffaCakes118
Size

16KB
Sample

240328-qw2jnage46
MD5

06e931b42b33ab3a95c666b5fc2ae6fa
SHA1

97d8d1909fe36851133a65228c14b58b922b8367
SHA256

fed5291c2443e49e70d89de0f944621a4dead8e16e023947a0f3923598aac816
SHA512

98bac124308982722c3f848db8bd2f56f739d73449a035f06f059f67a099afe2ce164208d63906fd557a6f62f9311166ac21b0dcda1e4b3d2dc5d7f46528443d
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yhv5Z7+K:hDXWipuE+K3/SSHgxl50K

Score

7^/10

Malware Config

Targets

- Target
  
  06e931b42b33ab3a95c666b5fc2ae6fa_JaffaCakes118
- Size
  
  16KB
- MD5
  
  06e931b42b33ab3a95c666b5fc2ae6fa
- SHA1
  
  97d8d1909fe36851133a65228c14b58b922b8367
- SHA256
  
  fed5291c2443e49e70d89de0f944621a4dead8e16e023947a0f3923598aac816
- SHA512
  
  98bac124308982722c3f848db8bd2f56f739d73449a035f06f059f67a099afe2ce164208d63906fd557a6f62f9311166ac21b0dcda1e4b3d2dc5d7f46528443d
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yhv5Z7+K:hDXWipuE+K3/SSHgxl50K
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2