fb684bd39b5f614f94f3e4bf8a407484abe240c5fc6beefd8217e2292b1640b6 | Triage

Sharing

General

Target

c083ee511cd18d39cd6c1c7fa4d2b3da_JaffaCakes118
Size

10KB
Sample

240404-xyldsage33
MD5

c083ee511cd18d39cd6c1c7fa4d2b3da
SHA1

394fd3f2aa41f902c09b3e1f79fa066aba40a206
SHA256

fb684bd39b5f614f94f3e4bf8a407484abe240c5fc6beefd8217e2292b1640b6
SHA512

e20841cd4e70c7cd6ee3c6e2d428d33444a9e023360fe025a8dc0fde7dcc32a1831b8778807559cd0ba0fb02c84d8bd6a559d25811333edfa388d9802bc63572
SSDEEP

192:K5FzRJ0y4SCUSkgb+yaZOvp5VJ0NuwsmMvHZL:K30y4exydV2i5L

Score

7^/10

Malware Config

Targets

- Target
  
  c083ee511cd18d39cd6c1c7fa4d2b3da_JaffaCakes118
- Size
  
  10KB
- MD5
  
  c083ee511cd18d39cd6c1c7fa4d2b3da
- SHA1
  
  394fd3f2aa41f902c09b3e1f79fa066aba40a206
- SHA256
  
  fb684bd39b5f614f94f3e4bf8a407484abe240c5fc6beefd8217e2292b1640b6
- SHA512
  
  e20841cd4e70c7cd6ee3c6e2d428d33444a9e023360fe025a8dc0fde7dcc32a1831b8778807559cd0ba0fb02c84d8bd6a559d25811333edfa388d9802bc63572
- SSDEEP
  
  192:K5FzRJ0y4SCUSkgb+yaZOvp5VJ0NuwsmMvHZL:K30y4exydV2i5L
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2