1e5a50021b6e7571e9fa24e094e51e7ace7a589e758aa72c356441ea01e5d278 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ae011be432aff827222dbe7d6311e96_JaffaCakes118
Size

15KB
Sample

240328-vam7csba3x
MD5

0ae011be432aff827222dbe7d6311e96
SHA1

522db36d85eb9e6da2559116aec3daf7f30f70ee
SHA256

1e5a50021b6e7571e9fa24e094e51e7ace7a589e758aa72c356441ea01e5d278
SHA512

28992b70a1fc343381e91f49a8b1561363e20c4862ba8e53c6b658dd13f9fb2c741caea74ebfdf155df9ebceb7d68fee53fbc6d82ee996e079b2f46d4e2ed1c6
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yh4cn/vv:hDXWipuE+K3/SSHgx//vv

Score

7^/10

Malware Config

Targets

- Target
  
  0ae011be432aff827222dbe7d6311e96_JaffaCakes118
- Size
  
  15KB
- MD5
  
  0ae011be432aff827222dbe7d6311e96
- SHA1
  
  522db36d85eb9e6da2559116aec3daf7f30f70ee
- SHA256
  
  1e5a50021b6e7571e9fa24e094e51e7ace7a589e758aa72c356441ea01e5d278
- SHA512
  
  28992b70a1fc343381e91f49a8b1561363e20c4862ba8e53c6b658dd13f9fb2c741caea74ebfdf155df9ebceb7d68fee53fbc6d82ee996e079b2f46d4e2ed1c6
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yh4cn/vv:hDXWipuE+K3/SSHgx//vv
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2