81b20134ef8bbd42de4d5f0a584c8ef719fd5bd44929444a3b3a04aa4ffeafab | Triage

Sharing

General

Target

d862237b3256fdf5f89d0ce6a1d706f9_JaffaCakes118
Size

14KB
Sample

240405-tkwqtagd8t
MD5

d862237b3256fdf5f89d0ce6a1d706f9
SHA1

86d3a6f746747807e69f1556a66d87f008850a29
SHA256

81b20134ef8bbd42de4d5f0a584c8ef719fd5bd44929444a3b3a04aa4ffeafab
SHA512

1df8575972617c074fcad80b2b3a5df876664ba4e541ef990d8b8388824de6eb795a8c8752a441e230a0d2cd5eb45acf09926a9f8d54a34e30545a9eb69cc5d4
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYq5:hDXWipuE+K3/SSHgxmq5

Score

7^/10

Malware Config

Targets

- Target
  
  d862237b3256fdf5f89d0ce6a1d706f9_JaffaCakes118
- Size
  
  14KB
- MD5
  
  d862237b3256fdf5f89d0ce6a1d706f9
- SHA1
  
  86d3a6f746747807e69f1556a66d87f008850a29
- SHA256
  
  81b20134ef8bbd42de4d5f0a584c8ef719fd5bd44929444a3b3a04aa4ffeafab
- SHA512
  
  1df8575972617c074fcad80b2b3a5df876664ba4e541ef990d8b8388824de6eb795a8c8752a441e230a0d2cd5eb45acf09926a9f8d54a34e30545a9eb69cc5d4
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYq5:hDXWipuE+K3/SSHgxmq5
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2