c0886cc4e3aa82033ef87770af50bfda7b63fbf38f31a2d65b19f728768bab4f | Triage

Sharing

General

Target

fa83bf7904cba0c1944963dd0bcd626e_JaffaCakes118
Size

20KB
Sample

240419-ryn7saeg77
MD5

fa83bf7904cba0c1944963dd0bcd626e
SHA1

3a25157344d951c9e328b42fcaf8380c7d20c001
SHA256

c0886cc4e3aa82033ef87770af50bfda7b63fbf38f31a2d65b19f728768bab4f
SHA512

16168bab7c16d8474feee48fb0da3a80d1654fa194da472493f01b7734dd577694478b7d09765d3ab538c210985dd6028ced76f2967eca0d562f61049a020c8e
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L41mm:hDXWipuE+K3/SSHgxmHZ1B

Score

7^/10

Malware Config

Targets

- Target
  
  fa83bf7904cba0c1944963dd0bcd626e_JaffaCakes118
- Size
  
  20KB
- MD5
  
  fa83bf7904cba0c1944963dd0bcd626e
- SHA1
  
  3a25157344d951c9e328b42fcaf8380c7d20c001
- SHA256
  
  c0886cc4e3aa82033ef87770af50bfda7b63fbf38f31a2d65b19f728768bab4f
- SHA512
  
  16168bab7c16d8474feee48fb0da3a80d1654fa194da472493f01b7734dd577694478b7d09765d3ab538c210985dd6028ced76f2967eca0d562f61049a020c8e
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L41mm:hDXWipuE+K3/SSHgxmHZ1B
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2