21b659bbc59593ae8e08f0192a657bb2028d5efff1453080c878c894461656d2 | Triage

Sharing

General

Target

d7edc031b01cd05e9e9e2ec5bb2a653d_JaffaCakes118
Size

15KB
Sample

240405-s7x2qage52
MD5

d7edc031b01cd05e9e9e2ec5bb2a653d
SHA1

c3bc79316add683361103d4662ea6c3c903e6d2f
SHA256

21b659bbc59593ae8e08f0192a657bb2028d5efff1453080c878c894461656d2
SHA512

a4324105c1e48ca9a6d9cb903235555d5bb41475b93a3ec2d54c9cbb3195a752ede30d81c930dcd84f946140b0753176d60784c396d2c115ca879869db3dbdd6
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY/wrW:hDXWipuE+K3/SSHgxm/F

Score

7^/10

Malware Config

Targets

- Target
  
  d7edc031b01cd05e9e9e2ec5bb2a653d_JaffaCakes118
- Size
  
  15KB
- MD5
  
  d7edc031b01cd05e9e9e2ec5bb2a653d
- SHA1
  
  c3bc79316add683361103d4662ea6c3c903e6d2f
- SHA256
  
  21b659bbc59593ae8e08f0192a657bb2028d5efff1453080c878c894461656d2
- SHA512
  
  a4324105c1e48ca9a6d9cb903235555d5bb41475b93a3ec2d54c9cbb3195a752ede30d81c930dcd84f946140b0753176d60784c396d2c115ca879869db3dbdd6
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY/wrW:hDXWipuE+K3/SSHgxm/F
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2