aa9914df93af2c310204a14511b59bf9e2dba4a59c83f28e7ad7cb31b2ed2677 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a4b71859db97cb9d30a1790654e2893_JaffaCakes118
Size

14KB
Sample

240329-gm4g8abb5y
MD5

1a4b71859db97cb9d30a1790654e2893
SHA1

cbe50049509714e9a46d5667fd0e98a0a89fbdc8
SHA256

aa9914df93af2c310204a14511b59bf9e2dba4a59c83f28e7ad7cb31b2ed2677
SHA512

e52f335a6ed4195dfa8ba93922aa4c95f933adea39dbb724eaee23c4ba909c66b286e15058c4384bac9b9c4219605a64f3664ce1df5ce8d5b9ceb705ebc97eb7
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhbuJ:hDXWipuE+K3/SSHgxcJ

Score

7^/10

Malware Config

Targets

- Target
  
  1a4b71859db97cb9d30a1790654e2893_JaffaCakes118
- Size
  
  14KB
- MD5
  
  1a4b71859db97cb9d30a1790654e2893
- SHA1
  
  cbe50049509714e9a46d5667fd0e98a0a89fbdc8
- SHA256
  
  aa9914df93af2c310204a14511b59bf9e2dba4a59c83f28e7ad7cb31b2ed2677
- SHA512
  
  e52f335a6ed4195dfa8ba93922aa4c95f933adea39dbb724eaee23c4ba909c66b286e15058c4384bac9b9c4219605a64f3664ce1df5ce8d5b9ceb705ebc97eb7
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhbuJ:hDXWipuE+K3/SSHgxcJ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2