f81f075f9115e6fd16668589aa9a9d95acaf19019d7e99e01aea0693bf2d2108 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfb9cd03a484e5936af5b0dfb008f557_JaffaCakes118
Size

20KB
Sample

240406-j3ej5seg96
MD5

dfb9cd03a484e5936af5b0dfb008f557
SHA1

d908a146c23bf3d4e7370adc508cbea6713399af
SHA256

f81f075f9115e6fd16668589aa9a9d95acaf19019d7e99e01aea0693bf2d2108
SHA512

a4bfcb0adcb5158ccfe6969bb54939b907a99a419ecb8342eb7d1ff101dacad17b159e7d1b1416ade63798ae1607b951d24f3304a3307aff29d48c71f629bc18
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L4Rc:hDXWipuE+K3/SSHgxmHZRc

Score

7^/10

Malware Config

Targets

- Target
  
  dfb9cd03a484e5936af5b0dfb008f557_JaffaCakes118
- Size
  
  20KB
- MD5
  
  dfb9cd03a484e5936af5b0dfb008f557
- SHA1
  
  d908a146c23bf3d4e7370adc508cbea6713399af
- SHA256
  
  f81f075f9115e6fd16668589aa9a9d95acaf19019d7e99e01aea0693bf2d2108
- SHA512
  
  a4bfcb0adcb5158ccfe6969bb54939b907a99a419ecb8342eb7d1ff101dacad17b159e7d1b1416ade63798ae1607b951d24f3304a3307aff29d48c71f629bc18
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L4Rc:hDXWipuE+K3/SSHgxmHZRc
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2