f42b4f419e10cb6eb5fcac6dbeb718fc578e097840e1dcec7870c8c40c3dbeca | Triage

Sharing

General

Target

19b4c2c33fe685ae8d5f5d3be7d4b2a5_JaffaCakes118
Size

15KB
Sample

240329-f62bjaag4v
MD5

19b4c2c33fe685ae8d5f5d3be7d4b2a5
SHA1

a578431f8271239a44b588320ddd572bf7900899
SHA256

f42b4f419e10cb6eb5fcac6dbeb718fc578e097840e1dcec7870c8c40c3dbeca
SHA512

3f71789414eb8cfc00ac1b42710162d826128a6d9c5a4867f7078771269e0638713febf0084ab4cc9bd95cce502fc9d32bfbf5f9dea0fc342b3291e948940e63
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY8unV:hDXWipuE+K3/SSHgxm8y

Score

7^/10

Malware Config

Targets

- Target
  
  19b4c2c33fe685ae8d5f5d3be7d4b2a5_JaffaCakes118
- Size
  
  15KB
- MD5
  
  19b4c2c33fe685ae8d5f5d3be7d4b2a5
- SHA1
  
  a578431f8271239a44b588320ddd572bf7900899
- SHA256
  
  f42b4f419e10cb6eb5fcac6dbeb718fc578e097840e1dcec7870c8c40c3dbeca
- SHA512
  
  3f71789414eb8cfc00ac1b42710162d826128a6d9c5a4867f7078771269e0638713febf0084ab4cc9bd95cce502fc9d32bfbf5f9dea0fc342b3291e948940e63
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY8unV:hDXWipuE+K3/SSHgxm8y
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2