31f7e989cfdba1a9d372ecbba75996ef342c6df77fc40436f8c8a3da72ffd7db | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1f5c520cc4cb80d7e4016aeeaa1d4dd_JaffaCakes118
Size

16KB
Sample

240415-z99lvsah6z
MD5

f1f5c520cc4cb80d7e4016aeeaa1d4dd
SHA1

f3095c3fbcdc8b92284fb3b2575a8b697d67e526
SHA256

31f7e989cfdba1a9d372ecbba75996ef342c6df77fc40436f8c8a3da72ffd7db
SHA512

ee90d553b880c5900a04530ace402000ef8d6b06a0e522567ea2e84e5b4e636ad7c0cc470348bde34b8a8a0173cbd609da7e0258c15eae2203e5e74965217034
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlOjk:hDXWipuE+K3/SSHgxmlWk

Score

7^/10

Malware Config

Targets

- Target
  
  f1f5c520cc4cb80d7e4016aeeaa1d4dd_JaffaCakes118
- Size
  
  16KB
- MD5
  
  f1f5c520cc4cb80d7e4016aeeaa1d4dd
- SHA1
  
  f3095c3fbcdc8b92284fb3b2575a8b697d67e526
- SHA256
  
  31f7e989cfdba1a9d372ecbba75996ef342c6df77fc40436f8c8a3da72ffd7db
- SHA512
  
  ee90d553b880c5900a04530ace402000ef8d6b06a0e522567ea2e84e5b4e636ad7c0cc470348bde34b8a8a0173cbd609da7e0258c15eae2203e5e74965217034
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlOjk:hDXWipuE+K3/SSHgxmlWk
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2