3e1a2cf6764ed3477863d2750c4316f682ed435c4cb61b18581b136ac43ba5ae | Triage

Sharing

General

Target

1951f2ecc04c0853159309a033522ea2_JaffaCakes118
Size

20KB
Sample

240329-fwgt5sae21
MD5

1951f2ecc04c0853159309a033522ea2
SHA1

5918bc99ad0ba14cd9862a597ae33015608d44b9
SHA256

3e1a2cf6764ed3477863d2750c4316f682ed435c4cb61b18581b136ac43ba5ae
SHA512

42fd9c83281f74451e4d688795c959931157c1a4a2d612fb2a5488757287ac1fbcc03e2e29a6d3db1f290953bf28ac9e88c67cdfccaf59a0f08a3f64f22f2fc7
SSDEEP

384:QLcTQvmFzKbE+QwuC6WREiHQqYBkUn/8yIYNM2Q9HB:QqQmFL+QMC9B1QYJYHB

Score

7^/10

Malware Config

Targets

- Target
  
  1951f2ecc04c0853159309a033522ea2_JaffaCakes118
- Size
  
  20KB
- MD5
  
  1951f2ecc04c0853159309a033522ea2
- SHA1
  
  5918bc99ad0ba14cd9862a597ae33015608d44b9
- SHA256
  
  3e1a2cf6764ed3477863d2750c4316f682ed435c4cb61b18581b136ac43ba5ae
- SHA512
  
  42fd9c83281f74451e4d688795c959931157c1a4a2d612fb2a5488757287ac1fbcc03e2e29a6d3db1f290953bf28ac9e88c67cdfccaf59a0f08a3f64f22f2fc7
- SSDEEP
  
  384:QLcTQvmFzKbE+QwuC6WREiHQqYBkUn/8yIYNM2Q9HB:QqQmFL+QMC9B1QYJYHB
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2