1ea94b1abd5c7d05b282a4011933b1f4e307c4f6c6c6591771e1682cb7cd9a4f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c9fb2233e4b7457127be9e20c8348a4f_JaffaCakes118
Size

20KB
Sample

240405-ecgjlaca23
MD5

c9fb2233e4b7457127be9e20c8348a4f
SHA1

30179db78366170683dca9d0973ef44cad40799e
SHA256

1ea94b1abd5c7d05b282a4011933b1f4e307c4f6c6c6591771e1682cb7cd9a4f
SHA512

19012338290e87a036ec754ac24b014449bcc7aa2e7d85177b7fde5ad8bafca939feefe7615ad3997bdf43d0519ce5a80d2d9992c78daea081a8313b21c191ec
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L4P8UzsRW:hDXWipuE+K3/SSHgxmHZP+w

Score

7^/10

Malware Config

Targets

- Target
  
  c9fb2233e4b7457127be9e20c8348a4f_JaffaCakes118
- Size
  
  20KB
- MD5
  
  c9fb2233e4b7457127be9e20c8348a4f
- SHA1
  
  30179db78366170683dca9d0973ef44cad40799e
- SHA256
  
  1ea94b1abd5c7d05b282a4011933b1f4e307c4f6c6c6591771e1682cb7cd9a4f
- SHA512
  
  19012338290e87a036ec754ac24b014449bcc7aa2e7d85177b7fde5ad8bafca939feefe7615ad3997bdf43d0519ce5a80d2d9992c78daea081a8313b21c191ec
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L4P8UzsRW:hDXWipuE+K3/SSHgxmHZP+w
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2