e2ae055cdc05ba3abb0fc6fe13496163de4c88e98ede89a73081346d978a04a2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c1cc58843c8cdb4665b2f2cbad644c01_JaffaCakes118
Size

3.3MB
Sample

240404-y3fjrsaa26
MD5

c1cc58843c8cdb4665b2f2cbad644c01
SHA1

0829deafb730edf6870cb95ce0ec08fac6617b6c
SHA256

e2ae055cdc05ba3abb0fc6fe13496163de4c88e98ede89a73081346d978a04a2
SHA512

e8ec2479dc9b55e268d159e98afcfd3168d4da08b7c961c21f067cfb0549551098e0bae0910cb7b2baff545d52c0f107a82e6329c7a8a4646c1fdc71b2e43710
SSDEEP

98304:1oDhtnt/FPR9hOxTq2bzWvP9fyZwVsRsbn9Fk0hg8:ODvJFPR9hOY2bzYlaY

Score

7^/10

Malware Config

Targets

- Target
  
  c1cc58843c8cdb4665b2f2cbad644c01_JaffaCakes118
- Size
  
  3.3MB
- MD5
  
  c1cc58843c8cdb4665b2f2cbad644c01
- SHA1
  
  0829deafb730edf6870cb95ce0ec08fac6617b6c
- SHA256
  
  e2ae055cdc05ba3abb0fc6fe13496163de4c88e98ede89a73081346d978a04a2
- SHA512
  
  e8ec2479dc9b55e268d159e98afcfd3168d4da08b7c961c21f067cfb0549551098e0bae0910cb7b2baff545d52c0f107a82e6329c7a8a4646c1fdc71b2e43710
- SSDEEP
  
  98304:1oDhtnt/FPR9hOxTq2bzWvP9fyZwVsRsbn9Fk0hg8:ODvJFPR9hOY2bzYlaY
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2