989a48df7ec146222b9456910bd605afafcb3f77557eacae65f3226abfab13d5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f858143b5e8af3326f848e490cc4bc02_JaffaCakes118
Size

14KB
Sample

240418-txps2ahe83
MD5

f858143b5e8af3326f848e490cc4bc02
SHA1

7e788604e88965dee6bf996e99dc7e8788e8ef56
SHA256

989a48df7ec146222b9456910bd605afafcb3f77557eacae65f3226abfab13d5
SHA512

11e62c3cf415976d4b96935b182688b2460353184d3933aa8219c14fd58edde13eaee41e3ffe3aebd4979fa89fc3215aec4e17c222325f899b886df6369203a8
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYvC8T:hDXWipuE+K3/SSHgxma8T

Score

7^/10

Malware Config

Targets

- Target
  
  f858143b5e8af3326f848e490cc4bc02_JaffaCakes118
- Size
  
  14KB
- MD5
  
  f858143b5e8af3326f848e490cc4bc02
- SHA1
  
  7e788604e88965dee6bf996e99dc7e8788e8ef56
- SHA256
  
  989a48df7ec146222b9456910bd605afafcb3f77557eacae65f3226abfab13d5
- SHA512
  
  11e62c3cf415976d4b96935b182688b2460353184d3933aa8219c14fd58edde13eaee41e3ffe3aebd4979fa89fc3215aec4e17c222325f899b886df6369203a8
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYvC8T:hDXWipuE+K3/SSHgxma8T
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2