2e9132fe569fb7ff32be778a21fc0a39fdbc64e937a3a25a720d557067b6e512 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1e9075802329557cc9468821c8fea2a4_JaffaCakes118
Size

964KB
Sample

240329-ljj2maea6x
MD5

1e9075802329557cc9468821c8fea2a4
SHA1

6a8b58305e2cd9a208edf38ce0172be2e35b205a
SHA256

2e9132fe569fb7ff32be778a21fc0a39fdbc64e937a3a25a720d557067b6e512
SHA512

cc7fba466a34b508ed258878950f091a3a83fa6aec0c9b3015bb1671d2f4734ced5fc86b0072b1ea7e81daaefbbe5f5ededd9ba04d8d98ca9ca9ae3d7471f317
SSDEEP

12288:32Xnzm4XiXU9w7tRWhm4d3VFSr3rov8zkNKkcdsH7SE0C:unzm4iU9w7tRWhm2VOro0zkNH7SvC

Score

7^/10

Malware Config

Targets

- Target
  
  1e9075802329557cc9468821c8fea2a4_JaffaCakes118
- Size
  
  964KB
- MD5
  
  1e9075802329557cc9468821c8fea2a4
- SHA1
  
  6a8b58305e2cd9a208edf38ce0172be2e35b205a
- SHA256
  
  2e9132fe569fb7ff32be778a21fc0a39fdbc64e937a3a25a720d557067b6e512
- SHA512
  
  cc7fba466a34b508ed258878950f091a3a83fa6aec0c9b3015bb1671d2f4734ced5fc86b0072b1ea7e81daaefbbe5f5ededd9ba04d8d98ca9ca9ae3d7471f317
- SSDEEP
  
  12288:32Xnzm4XiXU9w7tRWhm4d3VFSr3rov8zkNKkcdsH7SE0C:unzm4iU9w7tRWhm2VOro0zkNH7SvC
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2