2cd80fd72927e399f2102275ba99bf1452c5cbcbccda22d3d74b6818e890ec99 | Triage

Sharing

General

Target

f749c50e362b4eb486ad3d115de67c39_JaffaCakes118
Size

20KB
Sample

240418-fa8ezabd28
MD5

f749c50e362b4eb486ad3d115de67c39
SHA1

489580175cbb8e474042a50af1a0f1d028387fa5
SHA256

2cd80fd72927e399f2102275ba99bf1452c5cbcbccda22d3d74b6818e890ec99
SHA512

ee61a2763e8d2d16503bb1d9adbf8312de18608580e5cba5411119cb1f16d18fcb2ae168bc175c998b6e566ff9dd967c2446358e21b527ae49f3588c04f69d13
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L4PQ5:hDXWipuE+K3/SSHgxmHZPs

Score

7^/10

Malware Config

Targets

- Target
  
  f749c50e362b4eb486ad3d115de67c39_JaffaCakes118
- Size
  
  20KB
- MD5
  
  f749c50e362b4eb486ad3d115de67c39
- SHA1
  
  489580175cbb8e474042a50af1a0f1d028387fa5
- SHA256
  
  2cd80fd72927e399f2102275ba99bf1452c5cbcbccda22d3d74b6818e890ec99
- SHA512
  
  ee61a2763e8d2d16503bb1d9adbf8312de18608580e5cba5411119cb1f16d18fcb2ae168bc175c998b6e566ff9dd967c2446358e21b527ae49f3588c04f69d13
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L4PQ5:hDXWipuE+K3/SSHgxmHZPs
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2