37510414f14ad4dcb1ac39389b780a41a3fb51e49b622674b412530df8b97e76 | Triage

Sharing

General

Target

f6b18431ece19f476dca31b78341ad94_JaffaCakes118
Size

333KB
Sample

240417-18hmesfh95
MD5

f6b18431ece19f476dca31b78341ad94
SHA1

a7509cac6172868ce888944481c515a10fb8f965
SHA256

37510414f14ad4dcb1ac39389b780a41a3fb51e49b622674b412530df8b97e76
SHA512

69a9a279d3a89e97224330f90efd2c35057a04226f2039a52d48731eea16140aafab332769a17d73ad00cbb3ba6111cd9c30e2f7aedc03488fa119761987cdf8
SSDEEP

6144:M4P/QINHyzVlCx9F241mx7SQ7KdqfI/vm9wbnM:M2NHyZlC1241y7SMI/vnM

Score

7^/10

Malware Config

Targets

- Target
  
  f6b18431ece19f476dca31b78341ad94_JaffaCakes118
- Size
  
  333KB
- MD5
  
  f6b18431ece19f476dca31b78341ad94
- SHA1
  
  a7509cac6172868ce888944481c515a10fb8f965
- SHA256
  
  37510414f14ad4dcb1ac39389b780a41a3fb51e49b622674b412530df8b97e76
- SHA512
  
  69a9a279d3a89e97224330f90efd2c35057a04226f2039a52d48731eea16140aafab332769a17d73ad00cbb3ba6111cd9c30e2f7aedc03488fa119761987cdf8
- SSDEEP
  
  6144:M4P/QINHyzVlCx9F241mx7SQ7KdqfI/vm9wbnM:M2NHyZlC1241y7SMI/vnM
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2