2963096fb8829e9bc5ebc7a88e0aca0d9b5177b46c6fcebb064c812c83cb5e47 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1e5494cf3c4285afee8230664554abd9_JaffaCakes118
Size

15KB
Sample

240329-laltvsdh3w
MD5

1e5494cf3c4285afee8230664554abd9
SHA1

38676410cdbbf72882611203ae1cab9b0ea831bd
SHA256

2963096fb8829e9bc5ebc7a88e0aca0d9b5177b46c6fcebb064c812c83cb5e47
SHA512

3d734d3bf1a65c13aa6d2cf472c0170cba1f66b5f2729b0051ca83691db9761dda5820a7037637cc2af2e6f5fda0ddf35b7d34b63a61533dc62c8ebb093f0ed7
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY4hqA:hDXWipuE+K3/SSHgxmzA

Score

7^/10

Malware Config

Targets

- Target
  
  1e5494cf3c4285afee8230664554abd9_JaffaCakes118
- Size
  
  15KB
- MD5
  
  1e5494cf3c4285afee8230664554abd9
- SHA1
  
  38676410cdbbf72882611203ae1cab9b0ea831bd
- SHA256
  
  2963096fb8829e9bc5ebc7a88e0aca0d9b5177b46c6fcebb064c812c83cb5e47
- SHA512
  
  3d734d3bf1a65c13aa6d2cf472c0170cba1f66b5f2729b0051ca83691db9761dda5820a7037637cc2af2e6f5fda0ddf35b7d34b63a61533dc62c8ebb093f0ed7
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY4hqA:hDXWipuE+K3/SSHgxmzA
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2