General

  • Target

    bdf6d2ff90f3abbdfa88e05f6671ffe3_JaffaCakes118

  • Size

    15.9MB

  • Sample

    240404-vnwewsdb9y

  • MD5

    bdf6d2ff90f3abbdfa88e05f6671ffe3

  • SHA1

    a6b49ef85ad58263fc964288978bb4d9c5ee4d22

  • SHA256

    332c3c9b41b949e01700e9effb7813ee15b825d0b510174aebe0d3fbff3abbc2

  • SHA512

    fc691dcbe5142b0e9ae1183cfc2d5102e08d092b4733e4196bebdbbf44f6190a01379b0cf559d891876d2f5e72934319f3fe557096a8ace244955a62ad368992

  • SSDEEP

    393216:bg7upg7upg7upg7upg7upg7upg7upg7uN:sSqSqSqSqSqSqSqSN

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks