305019b0eb5ca9a6bb1703c4d4c569528835f8cfe40065815532e228c9c9b4ac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a16124e6323eb1ab1ac71e0f1cac8f5_JaffaCakes118
Size

15KB
Sample

240329-ggypsaba6w
MD5

1a16124e6323eb1ab1ac71e0f1cac8f5
SHA1

ef58b89a95f9cd6aa7a95507e6225d312f4e48f5
SHA256

305019b0eb5ca9a6bb1703c4d4c569528835f8cfe40065815532e228c9c9b4ac
SHA512

58679a793ae7c9b7018d35fe7adb70a9575f6bc96db0c42127a6c12735c8d4089ac0c15dd806a5e1018e0baf35a59ac0600716ca453f05f2ed9170c92a040a04
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlPM:hDXWipuE+K3/SSHgxmlk

Score

7^/10

Malware Config

Targets

- Target
  
  1a16124e6323eb1ab1ac71e0f1cac8f5_JaffaCakes118
- Size
  
  15KB
- MD5
  
  1a16124e6323eb1ab1ac71e0f1cac8f5
- SHA1
  
  ef58b89a95f9cd6aa7a95507e6225d312f4e48f5
- SHA256
  
  305019b0eb5ca9a6bb1703c4d4c569528835f8cfe40065815532e228c9c9b4ac
- SHA512
  
  58679a793ae7c9b7018d35fe7adb70a9575f6bc96db0c42127a6c12735c8d4089ac0c15dd806a5e1018e0baf35a59ac0600716ca453f05f2ed9170c92a040a04
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlPM:hDXWipuE+K3/SSHgxmlk
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2