General

  • Target

    ba15f6953e7dc22f8a4e221d4a110425_JaffaCakes118

  • Size

    7.9MB

  • Sample

    240404-q7qarsac28

  • MD5

    ba15f6953e7dc22f8a4e221d4a110425

  • SHA1

    e2fadb96b7ebaca9c462dcd52f03039833fdd931

  • SHA256

    520c9bf68a321c7882db7a06b9e34bda1759b3926e251bb91eb8dd6c57ebae1b

  • SHA512

    43b0dcf15194034dc1effba5d1203d8ddd9282640ee5c92f6d0e86795af1d2a483df9dc43a9b167c1696d9a669e7d53b42554c52b67a5999f6ff8d7f17f9c995

  • SSDEEP

    196608:0wazg7DS8wazg7DS8wazg7DS8wazg7DSv:Cg7uag7uag7uag7uv

Score
7/10

Targets

    • Target

      ba15f6953e7dc22f8a4e221d4a110425_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
