26c40d8c8cc49cb7e02d499bc2f56db9fcb306d4a0000f70ebb965ac39b9983b | Triage

Sharing

General

Target

17db07e7cbcc9e18cffcb8e7d7980700_JaffaCakes118
Size

14KB
Sample

240329-ek8m2shc7v
MD5

17db07e7cbcc9e18cffcb8e7d7980700
SHA1

4e4e85dbe6b3db5911eb6428e35e73652e34f0df
SHA256

26c40d8c8cc49cb7e02d499bc2f56db9fcb306d4a0000f70ebb965ac39b9983b
SHA512

615ac4927d0a516e00f071a6e8e1fc103144f34a721a2bf487fe64319e03e7c80751c198016a2d0d5c07ec5e74508cde18f9542c1edbb292068854bb85d2de65
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYRAI:hDXWipuE+K3/SSHgxmj

Score

7^/10

Malware Config

Targets

- Target
  
  17db07e7cbcc9e18cffcb8e7d7980700_JaffaCakes118
- Size
  
  14KB
- MD5
  
  17db07e7cbcc9e18cffcb8e7d7980700
- SHA1
  
  4e4e85dbe6b3db5911eb6428e35e73652e34f0df
- SHA256
  
  26c40d8c8cc49cb7e02d499bc2f56db9fcb306d4a0000f70ebb965ac39b9983b
- SHA512
  
  615ac4927d0a516e00f071a6e8e1fc103144f34a721a2bf487fe64319e03e7c80751c198016a2d0d5c07ec5e74508cde18f9542c1edbb292068854bb85d2de65
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYRAI:hDXWipuE+K3/SSHgxmj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2