39978f09d36bd77af452bbac65b5842f0d67cb17cb80390e2c834de2e32d5a47 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d40d3bf0334520dce0c75e871c396ee7_JaffaCakes118
Size

15KB
Sample

240405-pypr7sda78
MD5

d40d3bf0334520dce0c75e871c396ee7
SHA1

7a03e71aa8a5e4a6b4a02de85fc4b45076f80c67
SHA256

39978f09d36bd77af452bbac65b5842f0d67cb17cb80390e2c834de2e32d5a47
SHA512

d6e2f14bf5a29a93a532fcf05d60dc12b26aa186534665be221823dc489945785bbb15fee4803b64ce1ce04072c07016f8e09f1daae4686a40e149c0a06edc66
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY4y:hDXWipuE+K3/SSHgxmv

Score

7^/10

Malware Config

Targets

- Target
  
  d40d3bf0334520dce0c75e871c396ee7_JaffaCakes118
- Size
  
  15KB
- MD5
  
  d40d3bf0334520dce0c75e871c396ee7
- SHA1
  
  7a03e71aa8a5e4a6b4a02de85fc4b45076f80c67
- SHA256
  
  39978f09d36bd77af452bbac65b5842f0d67cb17cb80390e2c834de2e32d5a47
- SHA512
  
  d6e2f14bf5a29a93a532fcf05d60dc12b26aa186534665be221823dc489945785bbb15fee4803b64ce1ce04072c07016f8e09f1daae4686a40e149c0a06edc66
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY4y:hDXWipuE+K3/SSHgxmv
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2