35daab41dd448e4f8caa7cb12f000e0ae76f0c6ed790fcb2f2b35f28ddadefbf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f8115c0f4f9c02b10995b823003f4f6b_JaffaCakes118
Size

15KB
Sample

240418-qf8m2aeb77
MD5

f8115c0f4f9c02b10995b823003f4f6b
SHA1

eeb3bb51e830ecf7f74bd9308b39d4eba93db2ec
SHA256

35daab41dd448e4f8caa7cb12f000e0ae76f0c6ed790fcb2f2b35f28ddadefbf
SHA512

013d0caa4b279665b3a351e44edbdca8aa00cd5c19a2b3f08bcfb79fbce947356533ba37a1e44cc97fd82b6c230542722e1ec66238960cf9bceeba7513a2ac5c
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY5cYg9:hDXWipuE+K3/SSHgxmI

Score

7^/10

Malware Config

Targets

- Target
  
  f8115c0f4f9c02b10995b823003f4f6b_JaffaCakes118
- Size
  
  15KB
- MD5
  
  f8115c0f4f9c02b10995b823003f4f6b
- SHA1
  
  eeb3bb51e830ecf7f74bd9308b39d4eba93db2ec
- SHA256
  
  35daab41dd448e4f8caa7cb12f000e0ae76f0c6ed790fcb2f2b35f28ddadefbf
- SHA512
  
  013d0caa4b279665b3a351e44edbdca8aa00cd5c19a2b3f08bcfb79fbce947356533ba37a1e44cc97fd82b6c230542722e1ec66238960cf9bceeba7513a2ac5c
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY5cYg9:hDXWipuE+K3/SSHgxmI
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2