5b5311b75f67053c6df98825205f3badb5d80984fe9aa0e4c8b919e193f0af94 | Triage

Sharing

General

Target

2970e1c26ef472285f0888308b7f6e73_JaffaCakes118
Size

16KB
Sample

240329-w1w3mafc98
MD5

2970e1c26ef472285f0888308b7f6e73
SHA1

86953b3e9291f7a4585eef2e843055e2e2274744
SHA256

5b5311b75f67053c6df98825205f3badb5d80984fe9aa0e4c8b919e193f0af94
SHA512

87d7b25afc5c768092f5d6d0b99f9b10d56a2b696c29c9a9f3a78a1dad51901415652cc3b2edf2ab3e348af3a1b4d29f596b8c1f4e669639e2d42ed2e9f539aa
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlt:hDXWipuE+K3/SSHgxmlt

Score

7^/10

Malware Config

Targets

- Target
  
  2970e1c26ef472285f0888308b7f6e73_JaffaCakes118
- Size
  
  16KB
- MD5
  
  2970e1c26ef472285f0888308b7f6e73
- SHA1
  
  86953b3e9291f7a4585eef2e843055e2e2274744
- SHA256
  
  5b5311b75f67053c6df98825205f3badb5d80984fe9aa0e4c8b919e193f0af94
- SHA512
  
  87d7b25afc5c768092f5d6d0b99f9b10d56a2b696c29c9a9f3a78a1dad51901415652cc3b2edf2ab3e348af3a1b4d29f596b8c1f4e669639e2d42ed2e9f539aa
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlt:hDXWipuE+K3/SSHgxmlt
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2