5589e4095f39ca088d125ed9d024d2313edb48f58c09b35fc3d73db8c2e3067e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a96b4e42148d30e7d68223ab220c2a9_JaffaCakes118
Size

14KB
Sample

240329-gw7k8sbd2s
MD5

1a96b4e42148d30e7d68223ab220c2a9
SHA1

f16504fd42f64e423fbac55ecb7618755efca471
SHA256

5589e4095f39ca088d125ed9d024d2313edb48f58c09b35fc3d73db8c2e3067e
SHA512

c19ad1d96c33102dee389a5d30deb1999b6ddfab342e9f6cba7f5621164693744feef3aab777283ef7fd1c0ceea095e2dc069c65bfa5ccab01e692d8974dda4c
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhZeN:hDXWipuE+K3/SSHgx3eN

Score

7^/10

Malware Config

Targets

- Target
  
  1a96b4e42148d30e7d68223ab220c2a9_JaffaCakes118
- Size
  
  14KB
- MD5
  
  1a96b4e42148d30e7d68223ab220c2a9
- SHA1
  
  f16504fd42f64e423fbac55ecb7618755efca471
- SHA256
  
  5589e4095f39ca088d125ed9d024d2313edb48f58c09b35fc3d73db8c2e3067e
- SHA512
  
  c19ad1d96c33102dee389a5d30deb1999b6ddfab342e9f6cba7f5621164693744feef3aab777283ef7fd1c0ceea095e2dc069c65bfa5ccab01e692d8974dda4c
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhZeN:hDXWipuE+K3/SSHgx3eN
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2