213feae4318ff89a2f61a0c2863e8d0c58c991103f0e5295ac9fda870fa19b91 | Triage

Sharing

General

Target

fb45b1218050bc2d4ff3b78e84a1dcab_JaffaCakes118
Size

285KB
Sample

240419-116dhshf4t
MD5

fb45b1218050bc2d4ff3b78e84a1dcab
SHA1

f82266b02e4e5edeade8cbad2b72f95db00ed3b3
SHA256

213feae4318ff89a2f61a0c2863e8d0c58c991103f0e5295ac9fda870fa19b91
SHA512

9610cd589c1b675a1e354b9ea7b66585c21ce90f6981345299882bf5d8f15f255d80c64971d1b546148f71e73cd4be4fb2434d0422e39d07736a6bc7b6b0c44f
SSDEEP

3072:/VYcdLtlGon6h/kxBsqLOp6YJG+mW4mn6Z2mSPyDaQIRqIJDyEw/Qd9433n1rNdz:CWBRxSp6Ytv4mI2mSK+QIBNyd/Qd9FxG

Score

7^/10

Malware Config

Targets

- Target
  
  fb45b1218050bc2d4ff3b78e84a1dcab_JaffaCakes118
- Size
  
  285KB
- MD5
  
  fb45b1218050bc2d4ff3b78e84a1dcab
- SHA1
  
  f82266b02e4e5edeade8cbad2b72f95db00ed3b3
- SHA256
  
  213feae4318ff89a2f61a0c2863e8d0c58c991103f0e5295ac9fda870fa19b91
- SHA512
  
  9610cd589c1b675a1e354b9ea7b66585c21ce90f6981345299882bf5d8f15f255d80c64971d1b546148f71e73cd4be4fb2434d0422e39d07736a6bc7b6b0c44f
- SSDEEP
  
  3072:/VYcdLtlGon6h/kxBsqLOp6YJG+mW4mn6Z2mSPyDaQIRqIJDyEw/Qd9433n1rNdz:CWBRxSp6Ytv4mI2mSK+QIBNyd/Qd9FxG
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2