82af692db99c3ba7b9ae8896cae0d00b78bd3df6331a3c3ca99a5fd65d6d8637 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

edeccdffc1bd333c05d43387b7ba7b51_JaffaCakes118
Size

15KB
Sample

240411-vmcamabc4x
MD5

edeccdffc1bd333c05d43387b7ba7b51
SHA1

560147057f2393a4cc1bae629ec8d87f5a96e0a1
SHA256

82af692db99c3ba7b9ae8896cae0d00b78bd3df6331a3c3ca99a5fd65d6d8637
SHA512

2068796db3107b20b4d881a3fa7e0088458631294ad5f4f4a8a271ea5b8a1f3f4c74b26c7dc06e37c4b00c7af1a49ba2f8b86f9cbee6af7e9386b8a8867537eb
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhRUqtrY:hDXWipuE+K3/SSHgx3q

Score

7^/10

Malware Config

Targets

- Target
  
  edeccdffc1bd333c05d43387b7ba7b51_JaffaCakes118
- Size
  
  15KB
- MD5
  
  edeccdffc1bd333c05d43387b7ba7b51
- SHA1
  
  560147057f2393a4cc1bae629ec8d87f5a96e0a1
- SHA256
  
  82af692db99c3ba7b9ae8896cae0d00b78bd3df6331a3c3ca99a5fd65d6d8637
- SHA512
  
  2068796db3107b20b4d881a3fa7e0088458631294ad5f4f4a8a271ea5b8a1f3f4c74b26c7dc06e37c4b00c7af1a49ba2f8b86f9cbee6af7e9386b8a8867537eb
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhRUqtrY:hDXWipuE+K3/SSHgx3q
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2