General

  • Target

    b88f953d73d7f62791ef26e166996855_JaffaCakes118

  • Size

    15.9MB

  • Sample

    240404-pveg3agd29

  • MD5

    b88f953d73d7f62791ef26e166996855

  • SHA1

    e11340fd6b807474b735811583638079abc939ab

  • SHA256

    d4d33e49b3a09b18a9ca25a5c4c4bc1837690f2bceb29ae09dbb00b85ae6f3a6

  • SHA512

    e525ceec8700828e5c6d045de77353cabf6dbae2ccf98065657740036243f1621b036bc56b4d33050146b55c4f040b7aeead7e8692186061b30398d873175b7e

  • SSDEEP

    393216:2g7uAg7uAg7uAg7uAg7uAg7uAg7uAg7uN:bStStStStStStStSN

Score
7/10
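
The indicator block above is easy to mis-transcribe, and the SSDEEP value deserves a second look: its first half is the unit `g7uA` repeated back-to-back, which is what ssdeep emits when most of the file is the same content over and over. The following script is an added example, not part of the report or of tria.ge: it parses the bullet list as it appears on this page, checks that each digest has the right length and character set, and measures the repetition in the ssdeep signature. The "approx_repeated_bytes" figure is an approximation (ssdeep emits roughly one signature character per block-size bytes of input) and is labelled as such in the code.

```python
"""Parse and sanity-check the hash block of a tria.ge-style report.

Added example, not tria.ge code. REPORT is the indicator block copied from
the page; the repeated-bytes estimate is an approximation, see comment.
"""
import re
from typing import Dict, Tuple

# Digest name -> expected number of hex characters.
HEX_LENGTHS = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

# Indicator block as printed on the page (bullet, blank line, value).
REPORT = """\
  • Target

    b88f953d73d7f62791ef26e166996855_JaffaCakes118

  • Size

    15.9MB

  • MD5

    b88f953d73d7f62791ef26e166996855

  • SHA1

    e11340fd6b807474b735811583638079abc939ab

  • SHA256

    d4d33e49b3a09b18a9ca25a5c4c4bc1837690f2bceb29ae09dbb00b85ae6f3a6

  • SHA512

    e525ceec8700828e5c6d045de77353cabf6dbae2ccf98065657740036243f1621b036bc56b4d33050146b55c4f040b7aeead7e8692186061b30398d873175b7e

  • SSDEEP

    393216:2g7uAg7uAg7uAg7uAg7uAg7uAg7uAg7uN:bStStStStStStStSN
"""


def parse_indicators(text: str) -> Dict[str, str]:
    """Turn '• Key <whitespace> value' bullets into a dict."""
    return dict(re.findall(r"•\s*(\S+)\s+(\S+)", text))


def check_hashes(ind: Dict[str, str]) -> Dict[str, bool]:
    """True for each digest that is lower-case hex of the expected length."""
    return {
        name: bool(re.fullmatch(rf"[0-9a-f]{{{n}}}", ind.get(name, "")))
        for name, n in HEX_LENGTHS.items()
    }


def longest_repeat(s: str) -> Tuple[str, int]:
    """Return (unit, count) for the longest run of back-to-back repeats in s."""
    best = ("", 0)
    for k in range(1, len(s) // 2 + 1):          # candidate unit lengths
        for i in range(len(s) - k):              # candidate start offsets
            unit, n = s[i:i + k], 1
            while s[i + n * k:i + (n + 1) * k] == unit:
                n += 1
            if n > best[1]:
                best = (unit, n)
    return best


def ssdeep_repetition(sig: str) -> dict:
    """Measure how repetitive the block-size hash of an ssdeep signature is."""
    blocksize, h1, _h2 = sig.split(":")
    unit, n = longest_repeat(h1)
    return {
        "blocksize": int(blocksize),
        "unit": unit,
        "repeats": n,
        # Approximation: ssdeep produces about one character per blocksize
        # bytes of input, so a run of n units of length len(unit) covers
        # roughly this much of the file.
        "approx_repeated_bytes": int(blocksize) * len(unit) * n,
    }


if __name__ == "__main__":
    ind = parse_indicators(REPORT)
    print(check_hashes(ind))
    print(ssdeep_repetition(ind["SSDEEP"]))
```

For this sample the unit `g7uA` repeats seven times at block size 393216, which corresponds to roughly 11 MB of the 15.9 MB file being the same content; a pivot on the SHA256 alone would miss siblings that differ only in that padding, while the ssdeep signature still matches them.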

Malware Config

Targets

    • Target

      b88f953d73d7f62791ef26e166996855_JaffaCakes118

    • Checks computer location settings

      Reads the country code configured in the registry (the GeoID), most likely a geofence so the sample can refuse to run in particular countries.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

      Redirecting another thread's context is the hallmark of process hollowing: a child is started suspended, its memory is replaced, and its entry point is changed before the thread is resumed.
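
The five behaviour signatures above are what a sandbox derives from the sample's API-call trace. The script below reproduces that derivation over a constructed trace; it is an added example and not tria.ge's signature engine. The API names are real Win32 functions, `CREATE_SUSPENDED` is the real `CreateProcess` flag value, and `HKCU\Control Panel\International\Geo\Nation` is the usual location of the configured country code, but that this is the exact key the "Checks computer location settings" signature matches on is an assumption, as are the file paths and PIDs in the trace.

```python
"""Derive this report's behaviour signatures from a sandbox API-call trace.

Added example, not tria.ge code. TRACE is constructed; the registry paths
are the usual Windows locations and are assumptions, not report data.
"""
from collections import defaultdict
from typing import Dict, List, Tuple

CREATE_SUSPENDED = 0x4                              # CreateProcess dwCreationFlags bit
GEO_KEY = r"control panel\international\geo"        # assumed: GeoID / Nation lives here
RUN_KEY = r"software\microsoft\windows\currentversion\run"

# Constructed trace of (pid, api, args); pid 1001 is the sample, 1002 its child.
TRACE: List[Tuple[int, str, dict]] = [
    (1001, "RegOpenKeyExW",    {"key": r"HKCU\Control Panel\International\Geo"}),
    (1001, "RegQueryValueExW", {"key": r"HKCU\Control Panel\International\Geo", "value": "Nation"}),
    (1001, "CreateFileW",      {"path": r"C:\Users\user\AppData\Local\Temp\stage2.exe", "access": "write"}),
    (1001, "CreateFileW",      {"path": r"C:\Users\user\AppData\Local\Temp\helper.dll", "access": "write"}),
    (1001, "RegSetValueExW",   {"key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
                                "value": "Updater", "data": r"C:\Users\user\AppData\Local\Temp\stage2.exe"}),
    (1001, "CreateProcessW",   {"image": r"C:\Users\user\AppData\Local\Temp\stage2.exe",
                                "flags": CREATE_SUSPENDED, "child_pid": 1002, "child_tid": 5}),
    (1001, "WriteProcessMemory", {"pid": 1002}),
    (1001, "SetThreadContext", {"tid": 5}),
    (1001, "ResumeThread",     {"tid": 5}),
    (1002, "LoadLibraryW",     {"path": r"C:\Users\user\AppData\Local\Temp\helper.dll"}),
]


def run_signatures(trace) -> Dict[str, List[str]]:
    """Return {signature name: [evidence, ...]} for the signatures that fire."""
    hits: Dict[str, List[str]] = defaultdict(list)
    dropped = set()        # lower-cased paths the sample wrote to disk
    suspended = {}         # child tid -> image, for children created suspended
    for _pid, api, a in trace:
        if api == "RegQueryValueExW" and GEO_KEY in a["key"].lower():
            hits["Checks computer location settings"].append(a["key"] + "\\" + a["value"])
        elif api == "CreateFileW" and a.get("access") == "write":
            dropped.add(a["path"].lower())
        elif api == "RegSetValueExW" and a["key"].lower().endswith(RUN_KEY):
            hits["Adds Run key to start application"].append(a["value"] + " = " + a["data"])
        elif api == "CreateProcessW":
            if a["image"].lower() in dropped:
                hits["Executes dropped EXE"].append(a["image"])
            if a["flags"] & CREATE_SUSPENDED:
                suspended[a["child_tid"]] = a["image"]
        elif api == "LoadLibraryW" and a["path"].lower() in dropped:
            hits["Loads dropped DLL"].append(a["path"])
        elif api == "SetThreadContext" and a["tid"] in suspended:
            # Context change on a thread we created suspended: hollowing pattern.
            hits["Suspicious use of SetThreadContext"].append(
                "suspended child " + suspended[a["tid"]])
    return dict(hits)


if __name__ == "__main__":
    for name, evidence in run_signatures(TRACE).items():
        print(name, evidence)
```

The SetThreadContext rule deliberately requires that the target thread belong to a child the sample itself created with `CREATE_SUSPENDED`; a bare `SetThreadContext` call on its own thread (debuggers and some runtimes do this) would not fire it.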

MITRE ATT&CK Enterprise v15