ee3d00b1905e9c5d37bc14421a80c62a70a76e3aee1340f5837d77ca1d678ad0 | Triage

Sharing

General

Target

1976825053e6bdb4e9ec9dc58a9b6717_JaffaCakes118
Size

20KB
Sample

240329-f1pesabc98
MD5

1976825053e6bdb4e9ec9dc58a9b6717
SHA1

1e8e2f40860a9ff5de14a5a9aa584951ac2c434c
SHA256

ee3d00b1905e9c5d37bc14421a80c62a70a76e3aee1340f5837d77ca1d678ad0
SHA512

f7ed85a2476d1499695ecf45c4e3d59b94255918fa419e40b68631f80f60ff202e22d7f7715b998bde9bc3f22ba460c1ae45fcbff7cb240e7f28d85eae3857cf
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L4PSR3:hDXWipuE+K3/SSHgxmHZPSR3

Score

7^/10

Malware Config

Targets

- Target
  
  1976825053e6bdb4e9ec9dc58a9b6717_JaffaCakes118
- Size
  
  20KB
- MD5
  
  1976825053e6bdb4e9ec9dc58a9b6717
- SHA1
  
  1e8e2f40860a9ff5de14a5a9aa584951ac2c434c
- SHA256
  
  ee3d00b1905e9c5d37bc14421a80c62a70a76e3aee1340f5837d77ca1d678ad0
- SHA512
  
  f7ed85a2476d1499695ecf45c4e3d59b94255918fa419e40b68631f80f60ff202e22d7f7715b998bde9bc3f22ba460c1ae45fcbff7cb240e7f28d85eae3857cf
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L4PSR3:hDXWipuE+K3/SSHgxmHZPSR3
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2