1c0fb95388f6abdda01a52b238868e4be0716a3fc30e3f32aeb4c0695d3f085f | Triage

Sharing

General

Target

2a199d6f1d78544b189a3039a2e5327f_JaffaCakes118
Size

16KB
Sample

240329-xleepsga74
MD5

2a199d6f1d78544b189a3039a2e5327f
SHA1

aabe548e2279b1d62a0c05f1e9e248dcb8b77300
SHA256

1c0fb95388f6abdda01a52b238868e4be0716a3fc30e3f32aeb4c0695d3f085f
SHA512

b29a416d097fabf1d406107f48dd1f9767450da94a58629c96bf9f2b3b4f474e88eaf71565985b4c8a3a65ff6c897f6f9c527df254f3f9caf14b0e5ad30fe3cd
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlY2d:hDXWipuE+K3/SSHgxmlYu

Score

7^/10

Malware Config

Targets

- Target
  
  2a199d6f1d78544b189a3039a2e5327f_JaffaCakes118
- Size
  
  16KB
- MD5
  
  2a199d6f1d78544b189a3039a2e5327f
- SHA1
  
  aabe548e2279b1d62a0c05f1e9e248dcb8b77300
- SHA256
  
  1c0fb95388f6abdda01a52b238868e4be0716a3fc30e3f32aeb4c0695d3f085f
- SHA512
  
  b29a416d097fabf1d406107f48dd1f9767450da94a58629c96bf9f2b3b4f474e88eaf71565985b4c8a3a65ff6c897f6f9c527df254f3f9caf14b0e5ad30fe3cd
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlY2d:hDXWipuE+K3/SSHgxmlYu
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2