4cc21f549bd06784c262a150b7338bc4257f088c0efcbe41fcb42ec4f575c2f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c958909869d41fe70e6474ebb22d78af_JaffaCakes118
Size

16KB
Sample

240405-dvcspabe54
MD5

c958909869d41fe70e6474ebb22d78af
SHA1

c493e88ae3e5d46ff8d6076d2831aa13ebdcc9c2
SHA256

4cc21f549bd06784c262a150b7338bc4257f088c0efcbe41fcb42ec4f575c2f5
SHA512

c08b8dac76c44421529e0c4a3914c4d04e92bd8e31ff2a4ae7d70ca2f6c55dac62102f35ed57505f0acc42eb95e53f223a2a7ff1e6df5ffdbb0ee9b110f02d1d
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yh3+:hDXWipuE+K3/SSHgxw

Score

7^/10

Malware Config

Targets

- Target
  
  c958909869d41fe70e6474ebb22d78af_JaffaCakes118
- Size
  
  16KB
- MD5
  
  c958909869d41fe70e6474ebb22d78af
- SHA1
  
  c493e88ae3e5d46ff8d6076d2831aa13ebdcc9c2
- SHA256
  
  4cc21f549bd06784c262a150b7338bc4257f088c0efcbe41fcb42ec4f575c2f5
- SHA512
  
  c08b8dac76c44421529e0c4a3914c4d04e92bd8e31ff2a4ae7d70ca2f6c55dac62102f35ed57505f0acc42eb95e53f223a2a7ff1e6df5ffdbb0ee9b110f02d1d
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yh3+:hDXWipuE+K3/SSHgxw
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2