4e7ab1709f3a8920a2a77ce0c5fc71260933739fc291a6987c73abe344f9f068 | Triage

Sharing

General

Target

1c0fa321e025a2d26d01f650ff76356a_JaffaCakes118
Size

16KB
Sample

240329-h7gdvscc5w
MD5

1c0fa321e025a2d26d01f650ff76356a
SHA1

11539afb6962036483f0fc097cb9d6f00f13781c
SHA256

4e7ab1709f3a8920a2a77ce0c5fc71260933739fc291a6987c73abe344f9f068
SHA512

352b1853c9bec5d4250de4270b2dfdf7784050e755f8b1d730f957f52cd1cdbe7a2e66c32eba7cbfd7ca6f6c89b3fe9fdfa7506cbb1d4528c2b1d20e226fa075
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlk:hDXWipuE+K3/SSHgxmlk

Score

7^/10

Malware Config

Targets

- Target
  
  1c0fa321e025a2d26d01f650ff76356a_JaffaCakes118
- Size
  
  16KB
- MD5
  
  1c0fa321e025a2d26d01f650ff76356a
- SHA1
  
  11539afb6962036483f0fc097cb9d6f00f13781c
- SHA256
  
  4e7ab1709f3a8920a2a77ce0c5fc71260933739fc291a6987c73abe344f9f068
- SHA512
  
  352b1853c9bec5d4250de4270b2dfdf7784050e755f8b1d730f957f52cd1cdbe7a2e66c32eba7cbfd7ca6f6c89b3fe9fdfa7506cbb1d4528c2b1d20e226fa075
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlk:hDXWipuE+K3/SSHgxmlk
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2