General

  • Target

    ba0d4deadcfd294a7bf48512ed6a5a8e_JaffaCakes118

  • Size

    15.9MB

  • Sample

    240404-q6m41she7s

  • MD5

    ba0d4deadcfd294a7bf48512ed6a5a8e

  • SHA1

    287a37a2068fc12151f86a402424c9a5429e8d45

  • SHA256

    dd0ab620c53031b2764c8122bebe6bb1dd4291072ab24ffb3b0526e05b817914

  • SHA512

    b405a0816f925dff07a873ac5a94ac0d2d6b605ef16f0640e095ff433894966f2ca84a7ac1250629735cc6e1ec410422c8709c386c33d01d205410ccc835c23f

  • SSDEEP

    393216:jg7uZg7uZg7uZg7uZg7uZg7uZg7uZg7uN:ES6S6S6S6S6S6S6SN

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks