General

  • Target

    ba423310ec7ba8c45138484c9f1ef211_JaffaCakes118

  • Size

    7.9MB

  • Sample

    240404-rdg8qshg6v

  • MD5

    ba423310ec7ba8c45138484c9f1ef211

  • SHA1

    6bdf4e53278bdad48e547fc1947aab83d939d771

  • SHA256

    6ea2215857dc9761b4e82286b79cd2f286a12067f9745dcbc0b9b4c827fe65f3

  • SHA512

    e0960935f361434a8c7da3574211d87b4d9c50b626729c29f0afc77ff99211d86edfc7cc818ed21bb2227eb481ae14ac650a3425b136ea6695fe0564901dd795

  • SSDEEP

    196608:8+azg7DSm+azg7DSm+azg7DSm+azg7DSN:cg7u2g7u2g7u2g7uN

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Reads the country code configured in the registry (the user's locale settings), which is commonly used as a geofence: the sample can refuse to run on hosts in excluded regions, so a sandbox with a default locale may see different behaviour from a victim machine.

    • Executes dropped EXE

      Writes an executable to disk and launches it; the dropped file, not the 7.9MB carrier, is the second stage and should be analysed on its own.

    • Loads dropped DLL

      Loads a DLL that the sample itself wrote to disk (a bundled component or side-loaded library).

    • Adds Run key to start application

      Writes a value under a Run key (HKCU or HKLM ...\Software\Microsoft\Windows\CurrentVersion\Run) so the program is started again at logon; this is the sample's persistence mechanism.

    • Suspicious use of SetThreadContext

      Calling SetThreadContext on a thread of another process, typically one created suspended, is the final step of process hollowing: it redirects that thread to injected code, so the payload runs under a benign-looking image name.
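
The five signatures above, re-implemented as detection logic over a constructed, Sysmon-style event trace. This is an added example and not the sandbox's own rules; the event schema, process IDs, file paths and the specific registry paths it matches on (Geo\Nation under Control Panel\International for the locale check, the CurrentVersion\Run and RunOnce keys for persistence) are assumptions, and the sample trace is constructed rather than taken from this run.

```python
"""Behavioural signatures from the report as detection logic over event records.

Added example: the Event schema and the sample trace are constructed; the
registry paths matched below are assumptions about what each signature keys on.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import Iterable

# Assumption: persistence is flagged on writes under these keys (HKCU or HKLM).
RUN_KEYS = (
    "\\software\\microsoft\\windows\\currentversion\\run",
    "\\software\\microsoft\\windows\\currentversion\\runonce",
)
# Assumption: the locale check keys on reads of Control Panel\International\Geo\*.
GEO_KEY = "\\control panel\\international\\geo\\"


@dataclass
class Event:
    kind: str            # FileCreate | ProcessCreate | ImageLoad | RegQuery | RegSet | ApiCall
    pid: int             # process performing the action
    target: str = ""     # file path, registry value path, or API name
    target_pid: int = 0  # ApiCall only: process owning the thread that was touched


def evaluate(events: Iterable[Event]) -> dict[str, list[str]]:
    """Return {signature name: [details]} for every signature the trace triggers."""
    hits: dict[str, list[str]] = {}
    dropped: set[str] = set()  # paths written by a monitored process (case-folded)

    def flag(name: str, detail: str) -> None:
        hits.setdefault(name, []).append(detail)

    for ev in events:
        t = ev.target
        tl = t.lower()
        if ev.kind == "FileCreate":
            dropped.add(tl)
        elif ev.kind == "ProcessCreate":
            # "dropped" means the image was written earlier in this same trace
            if tl in dropped:
                flag("Executes dropped EXE", t)
        elif ev.kind == "ImageLoad":
            if tl in dropped and tl.endswith(".dll"):
                flag("Loads dropped DLL", t)
        elif ev.kind == "RegQuery":
            if GEO_KEY in tl:
                flag("Checks computer location settings", t)
        elif ev.kind == "RegSet":
            key = tl.rsplit("\\", 1)[0]  # strip the value name, keep the key path
            if key.endswith(RUN_KEYS):
                flag("Adds Run key to start application", t)
        elif ev.kind == "ApiCall":
            # SetThreadContext on a thread in *another* process is the hollowing step;
            # adjusting a thread in one's own process is routine (debuggers, runtimes).
            if t == "SetThreadContext" and ev.target_pid and ev.target_pid != ev.pid:
                flag("Suspicious use of SetThreadContext", f"pid {ev.pid} -> pid {ev.target_pid}")
    return hits


# Constructed trace (not from the sandbox run): the carrier (pid 1000) drops and
# runs svc.exe (pid 1001), which loads a dropped DLL, persists, and hollows pid 1002.
SAMPLE_EVENTS = [
    Event("RegQuery", 1000, r"HKCU\Control Panel\International\Geo\Nation"),
    Event("FileCreate", 1000, r"C:\Users\user\AppData\Local\Temp\svc.exe"),
    Event("FileCreate", 1000, r"C:\Users\user\AppData\Local\Temp\helper.dll"),
    Event("ProcessCreate", 1000, r"C:\Users\user\AppData\Local\Temp\svc.exe"),
    Event("ProcessCreate", 1000, r"C:\Windows\System32\cmd.exe"),  # not dropped: no hit
    Event("ImageLoad", 1001, r"C:\Users\user\AppData\Local\Temp\helper.dll"),
    Event("RegSet", 1001, r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\svc"),
    Event("ApiCall", 1001, "SetThreadContext", target_pid=1002),
    Event("ApiCall", 1001, "SetThreadContext", target_pid=1001),  # own thread: no hit
]


def report(events: Iterable[Event] = SAMPLE_EVENTS) -> dict[str, list[str]]:
    return evaluate(events)


if __name__ == "__main__":
    for name, details in report().items():
        print(f"{name}: {', '.join(details)}")
```

The two deliberate non-hits (cmd.exe, which the sample never wrote, and SetThreadContext on the caller's own thread) show the conditions each rule needs; a real feed would take the same checks against Sysmon event IDs 1, 7, 11 and 13 plus an API-monitor source for the cross-process call.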

MITRE ATT&CK Enterprise v15