e5a8755ff69ca519bf9178b5bf5f86a1777724b17e34bc9fbd1be4496d2c28c8 | Triage

Sharing

General

Target

267327823a11c335d2ab703be96052a7_JaffaCakes118
Size

15KB
Sample

240329-tkyv6sca9w
MD5

267327823a11c335d2ab703be96052a7
SHA1

4066079a2f2f2782d95f26c9321e4769060d45f2
SHA256

e5a8755ff69ca519bf9178b5bf5f86a1777724b17e34bc9fbd1be4496d2c28c8
SHA512

1d16bda64d788f848da08986a0a1d218aed8c192154f0707ce4fc0f92c28a75870770aaad0afee116b4cbd6b23d341bd3f54ecce04ef58f56e1324a6a93e3575
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYvcd:hDXWipuE+K3/SSHgxmkd

Score

7^/10

Malware Config

Targets

- Target
  
  267327823a11c335d2ab703be96052a7_JaffaCakes118
- Size
  
  15KB
- MD5
  
  267327823a11c335d2ab703be96052a7
- SHA1
  
  4066079a2f2f2782d95f26c9321e4769060d45f2
- SHA256
  
  e5a8755ff69ca519bf9178b5bf5f86a1777724b17e34bc9fbd1be4496d2c28c8
- SHA512
  
  1d16bda64d788f848da08986a0a1d218aed8c192154f0707ce4fc0f92c28a75870770aaad0afee116b4cbd6b23d341bd3f54ecce04ef58f56e1324a6a93e3575
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYvcd:hDXWipuE+K3/SSHgxmkd
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2