52628d16b46289e2e4559cde46a522c9266fa8b25a1d03d60b2ae961db907698 | Triage

Sharing

General

Target

25eae72ceec1d1ea9941ed7ff79b91f5_JaffaCakes118
Size

16KB
Sample

240329-s4658acc46
MD5

25eae72ceec1d1ea9941ed7ff79b91f5
SHA1

7ddf6008b00708bfb541a42f918d041c8c26eb99
SHA256

52628d16b46289e2e4559cde46a522c9266fa8b25a1d03d60b2ae961db907698
SHA512

d121e74817b568083e52246d5434542429827647f998d5b5af8b96705031130a791388f7f9de2519c2c712c9f05514b16d053458f79b772774e71fdfeada5a6c
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yhv5Jm:hDXWipuE+K3/SSHgxl5I

Score

7^/10

Malware Config

Targets

- Target
  
  25eae72ceec1d1ea9941ed7ff79b91f5_JaffaCakes118
- Size
  
  16KB
- MD5
  
  25eae72ceec1d1ea9941ed7ff79b91f5
- SHA1
  
  7ddf6008b00708bfb541a42f918d041c8c26eb99
- SHA256
  
  52628d16b46289e2e4559cde46a522c9266fa8b25a1d03d60b2ae961db907698
- SHA512
  
  d121e74817b568083e52246d5434542429827647f998d5b5af8b96705031130a791388f7f9de2519c2c712c9f05514b16d053458f79b772774e71fdfeada5a6c
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yhv5Jm:hDXWipuE+K3/SSHgxl5I
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2