57717635931640e93c65af8d17d010c67ad3b9d2c71962a0a4ca5ed516a7007b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de51d445052f178393551d9e554359d5_JaffaCakes118
Size

15KB
Sample

240406-ht1wcadg57
MD5

de51d445052f178393551d9e554359d5
SHA1

136b184498a14b43eeedcd2c353556377d64378c
SHA256

57717635931640e93c65af8d17d010c67ad3b9d2c71962a0a4ca5ed516a7007b
SHA512

d8714e4bf70eb309e0559c6f2370439a8f2a839a65948a580fbad58f8884c689d6c5c40a26dbdb10b71fde8d186e76f0b2483a4d701e5b3d3ace98552796d4ad
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yh4cn/i:hDXWipuE+K3/SSHgx//i

Score

7^/10

Malware Config

Targets

- Target
  
  de51d445052f178393551d9e554359d5_JaffaCakes118
- Size
  
  15KB
- MD5
  
  de51d445052f178393551d9e554359d5
- SHA1
  
  136b184498a14b43eeedcd2c353556377d64378c
- SHA256
  
  57717635931640e93c65af8d17d010c67ad3b9d2c71962a0a4ca5ed516a7007b
- SHA512
  
  d8714e4bf70eb309e0559c6f2370439a8f2a839a65948a580fbad58f8884c689d6c5c40a26dbdb10b71fde8d186e76f0b2483a4d701e5b3d3ace98552796d4ad
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yh4cn/i:hDXWipuE+K3/SSHgx//i
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2