General

  • Target

    bf459804b7f1771fb3ca27685fb6b5ea_JaffaCakes118

  • Size

    17KB

  • Sample

    240404-wtfgased9t

  • MD5

    bf459804b7f1771fb3ca27685fb6b5ea

  • SHA1

    076f5713da66ad5f0850a839ca488a6e3bfaff5f

  • SHA256

    99269a57910f8bc283c7f777ce44aa1eb0e2a71e8d50af80edb41fbb984a0176

  • SHA512

    4d30788211ff67190154a1f191f480378db9436399adef690d2e5334dc1d2113b8eb92eb157e8835ca975fecb74ad989af6d70629ed76d0715db78c45b6fb9fc

  • SSDEEP

    384:GFQqx9dZcmZO2Zp+Nye8pqrmub8TyztsDN:GO6dZoKK8o8TyJc

Score
8/10

Targets

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
