General

  • Target

    be3ac09e1e59bd6c4d95aedd312d24fe_JaffaCakes118

  • Size

    7.9MB

  • Sample

    240404-vwzghsea85

  • MD5

    be3ac09e1e59bd6c4d95aedd312d24fe

  • SHA1

    fa294475786914fec9fd74fca916ebc3053d535a

  • SHA256

    2e4015c5e5cff7be53f4b615cb0ac53813e2e79e26581bca288d63bc4354cf77

  • SHA512

    98eee9c2c99bb887fbb8f3e72bcce2f24cacd7d806c0ab9f9790a13b6570a704c0bdc8704aa785c98dbd99083230dbe27059d1295c02265e97ce045ea6b36d77

  • SSDEEP

    196608:05azg7DS85azg7DS85azg7DS85azg7DSv:Ng7u1g7u1g7u1g7uv

Score
7/10

Malware Config

Targets

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
