e5ea9321f0e75c4fe9e35c17123cf902d38f67dad49d73f41b2caf3264d626be | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c9df2c91dcd33ca498c1aff5122321b8_JaffaCakes118
Size

4.2MB
Sample

240405-d9r6xsbh49
MD5

c9df2c91dcd33ca498c1aff5122321b8
SHA1

b663b3ede3c8a1c26d598c3bdb1484490e2a2648
SHA256

e5ea9321f0e75c4fe9e35c17123cf902d38f67dad49d73f41b2caf3264d626be
SHA512

ac6e4524f8b81437196c64b8e0b53286a09929ecf3baabfeb212998c628feab4e82561b3cadd3e82d05b5315a561b465de3f8ca81eb6ee6e4d779820501be973
SSDEEP

98304:mhFtXB4uluJRmMg6QWlIpgi0rHqsih/mCqZB4ulur:IvsJR0TW6yiIKRhzqtsr

Score

7^/10

Malware Config

Targets

- Target
  
  c9df2c91dcd33ca498c1aff5122321b8_JaffaCakes118
- Size
  
  4.2MB
- MD5
  
  c9df2c91dcd33ca498c1aff5122321b8
- SHA1
  
  b663b3ede3c8a1c26d598c3bdb1484490e2a2648
- SHA256
  
  e5ea9321f0e75c4fe9e35c17123cf902d38f67dad49d73f41b2caf3264d626be
- SHA512
  
  ac6e4524f8b81437196c64b8e0b53286a09929ecf3baabfeb212998c628feab4e82561b3cadd3e82d05b5315a561b465de3f8ca81eb6ee6e4d779820501be973
- SSDEEP
  
  98304:mhFtXB4uluJRmMg6QWlIpgi0rHqsih/mCqZB4ulur:IvsJR0TW6yiIKRhzqtsr
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2