8e6fbe9971bba0fcafbd38995ba8a0de4d2e2ab12eb91409e8487ae92c7c8800 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b638d606a63937c504090b24917e851_JaffaCakes118
Size

16KB
Sample

240328-vrcf7acc79
MD5

0b638d606a63937c504090b24917e851
SHA1

8ad860c8a10556bfc414ac7e835b384806c93ca5
SHA256

8e6fbe9971bba0fcafbd38995ba8a0de4d2e2ab12eb91409e8487ae92c7c8800
SHA512

b2a7810a7b48e8dc3e18d7889adb4c7992ed98d72f8b3de2ed588ae09db9138736ba08921a2b375b8ea8f2168f39ea95203485e340989653813655221bcaa89d
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYETj:hDXWipuE+K3/SSHgxmOj

Score

7^/10

Malware Config

Targets

- Target
  
  0b638d606a63937c504090b24917e851_JaffaCakes118
- Size
  
  16KB
- MD5
  
  0b638d606a63937c504090b24917e851
- SHA1
  
  8ad860c8a10556bfc414ac7e835b384806c93ca5
- SHA256
  
  8e6fbe9971bba0fcafbd38995ba8a0de4d2e2ab12eb91409e8487ae92c7c8800
- SHA512
  
  b2a7810a7b48e8dc3e18d7889adb4c7992ed98d72f8b3de2ed588ae09db9138736ba08921a2b375b8ea8f2168f39ea95203485e340989653813655221bcaa89d
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYETj:hDXWipuE+K3/SSHgxmOj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2