c87d0be7f48ea2913bcde6b6524dd6f73d1692ace0b54076006f9273e814ffc0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa8545def7ba5687a618a4d59995f034_JaffaCakes118
Size

16KB
Sample

240419-r1y5rsfg5w
MD5

fa8545def7ba5687a618a4d59995f034
SHA1

d882fb49173905c69bbe192ec919667441b8311d
SHA256

c87d0be7f48ea2913bcde6b6524dd6f73d1692ace0b54076006f9273e814ffc0
SHA512

e0b87602f219e76011c709c219743b306f7b7d49cbfc291a3f4c4e7d7edcb8c14ef7629109b0fbe7c19c2a4b8bf1484c5d97cf0447fb1b9701f81381bf0a20d9
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY6:hDXWipuE+K3/SSHgxm6

Score

7^/10

Malware Config

Targets

- Target
  
  fa8545def7ba5687a618a4d59995f034_JaffaCakes118
- Size
  
  16KB
- MD5
  
  fa8545def7ba5687a618a4d59995f034
- SHA1
  
  d882fb49173905c69bbe192ec919667441b8311d
- SHA256
  
  c87d0be7f48ea2913bcde6b6524dd6f73d1692ace0b54076006f9273e814ffc0
- SHA512
  
  e0b87602f219e76011c709c219743b306f7b7d49cbfc291a3f4c4e7d7edcb8c14ef7629109b0fbe7c19c2a4b8bf1484c5d97cf0447fb1b9701f81381bf0a20d9
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY6:hDXWipuE+K3/SSHgxm6
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2