General

  • Target: befd7da007fcb4b2773f8cc8b712d586_JaffaCakes118
  • Size: 7.9MB
  • Sample: 240404-wkgm1aeb71
  • MD5: befd7da007fcb4b2773f8cc8b712d586
  • SHA1: 66f7751d71ab1f03f0e83847d4df3d1d8b3465ac
  • SHA256: bb09c6570dd05785d46d0dd2ec235f6f879635da0ad21f01410bb90532b0f2d9
  • SHA512: 25de7e8cfbfd7555b19e07410696e9ee9a7384a914624802e9b10b432f949c71c4f9a872e50ae28e3aae7a4360e9c0cc12a7748419ed99675a90bb01e4e0a197
  • SSDEEP: 196608:0xazg7DS8xazg7DS8xazg7DS8xazg7DSv:pg7uRg7uRg7uRg7uv

Score: 7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
