General

  • Target

    b8ce562e57a188912561833ce84e94a8_JaffaCakes118

  • Size

    15.9MB

  • Sample

    240404-p33jvsgh38

  • MD5

    b8ce562e57a188912561833ce84e94a8

  • SHA1

    b927349971d577f6a2264cf7cf40d25ae5977f88

  • SHA256

    b70b93f120a8af84a8c883d3eb0ca7cfe5016a1e496ae9a884eef8d263e88cd4

  • SHA512

    4886973dbbae9aad0b923ceb6a37b3a46885fe0721264de306a5ccb1238ec13e74309db50cf97bc2d549b5838b521fcfd894d21aea0e873c2e4901097c1aa821

  • SSDEEP

    393216:fg7u1g7u1g7u1g7u1g7u1g7u1g7u1g7uN:IS+S+S+S+S+S+S+SN

Score
7/10

Malware Config

Targets

    • Target

      b8ce562e57a188912561833ce84e94a8_JaffaCakes118

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check that decides whether the sample runs on this host.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
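The behaviours listed above are what a sandbox flags automatically; when re-running the sample under Procmon in your own lab you have to recover them from the raw event stream yourself. The script below, added here as an illustration and not part of the sandbox report or of the sample, scores a Procmon CSV export against four of the five signatures (Run key persistence, registry country-code lookup, execution of a dropped EXE, loading of a dropped DLL) and also checks whether a file on disk is the reported sample by its SHA256. The event lines are constructed, not a real capture of this sample; the registry path used for the "location settings" signature (`Control Panel\International\Geo\Nation`) is an assumption about which value the sandbox signature watches. SetThreadContext is an API-level indicator that a Procmon trace does not record, so it is not covered here.

```python
"""Offline triage of a Procmon CSV export against the sandbox signatures.

Example code added for illustration; not part of the sandbox report or of
the sample b8ce562e57a188912561833ce84e94a8_JaffaCakes118.
"""
import csv
import hashlib
import io

# SHA256 taken from the report above; used to confirm a file on disk is the sample.
REPORT_SHA256 = "b70b93f120a8af84a8c883d3eb0ca7cfe5016a1e496ae9a884eef8d263e88cd4"

# Registry value the "Checks computer location settings" signature is assumed
# to watch (assumption: the sandbox page does not name the exact key).
GEO_VALUE = "\\control panel\\international\\geo\\nation"
# Autostart locations behind "Adds Run key to start application".
RUN_KEYS = ("\\currentversion\\run\\", "\\currentversion\\runonce\\")

# Constructed Procmon-style export (not a real capture of this sample).
SAMPLE_EVENTS = """Time of Day,Process Name,PID,Operation,Path,Result,Detail
10:00:00.001,sample.exe,1234,RegQueryValue,HKCU\\Control Panel\\International\\Geo\\Nation,SUCCESS,Type: REG_SZ
10:00:00.002,sample.exe,1234,WriteFile,C:\\Users\\user\\AppData\\Local\\Temp\\upd.exe,SUCCESS,Length: 512000
10:00:00.003,sample.exe,1234,WriteFile,C:\\Users\\user\\AppData\\Local\\Temp\\helper.dll,SUCCESS,Length: 40960
10:00:00.004,sample.exe,1234,RegSetValue,HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater,SUCCESS,Type: REG_SZ
10:00:00.005,sample.exe,1234,Process Create,C:\\Users\\user\\AppData\\Local\\Temp\\upd.exe,SUCCESS,PID: 2345
10:00:00.006,upd.exe,2345,Load Image,C:\\Users\\user\\AppData\\Local\\Temp\\helper.dll,SUCCESS,Image Base: 0x10000000
10:00:00.007,explorer.exe,900,RegQueryValue,HKCU\\Software\\Classes\\foo,NAME NOT FOUND,
"""


def matches_report(data: bytes) -> bool:
    """True if the bytes hash to the SHA256 listed in the report."""
    return hashlib.sha256(data).hexdigest() == REPORT_SHA256


def triage(csv_text: str):
    """Return (signature, process, path) tuples for events matching the signatures.

    Dropped files are tracked as WriteFile targets seen earlier in the trace,
    so a later Process Create / Load Image of that path counts as executing
    or loading a dropped file. Failed operations are ignored.
    """
    hits = []
    dropped = set()  # lower-cased paths written by any process in the trace
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Result"] != "SUCCESS":
            continue
        op, proc, path = row["Operation"], row["Process Name"], row["Path"]
        lp = path.lower()
        if op == "WriteFile":
            dropped.add(lp)
        elif op == "RegQueryValue" and lp.endswith(GEO_VALUE):
            hits.append(("Checks computer location settings", proc, path))
        elif op == "RegSetValue" and any(k in lp for k in RUN_KEYS):
            hits.append(("Adds Run key to start application", proc, path))
        elif op == "Process Create" and lp in dropped and lp.endswith(".exe"):
            hits.append(("Executes dropped EXE", proc, path))
        elif op == "Load Image" and lp in dropped and lp.endswith(".dll"):
            hits.append(("Loads dropped DLL", proc, path))
    return hits


def signature_names(csv_text: str):
    """Distinct signature names fired by the trace, in first-seen order."""
    seen = []
    for sig, _, _ in triage(csv_text):
        if sig not in seen:
            seen.append(sig)
    return seen


if __name__ == "__main__":
    for sig, proc, path in triage(SAMPLE_EVENTS):
        print(f"[{sig}] {proc}: {path}")
```

To use it on a real run, export the Procmon log as CSV with the default columns and pass the file contents to `triage`; the `explorer.exe` line in the constructed data shows that unrelated processes and failed lookups do not produce hits.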

MITRE ATT&CK Enterprise v15

Tasks