51d051b44d2d085ce46d20f652d1a5d75c73f29efa4a82f4ea1b64a1b4f2f71a | Triage

Sharing

General

Target

faffd019fd1c6ddb9a62aae66ff21f72_JaffaCakes118
Size

15KB
Sample

240419-x3d59sdb99
MD5

faffd019fd1c6ddb9a62aae66ff21f72
SHA1

6fcdc9d4eb764732508d78a6201d8e33e61005ce
SHA256

51d051b44d2d085ce46d20f652d1a5d75c73f29efa4a82f4ea1b64a1b4f2f71a
SHA512

4850364c05014039a58830cc3b06b316a4f9025d2e9c3469fac3d655e4aafcb1d8c63fb666fe377caa36c9541e628972bb5d0fe9d5f0697f20307518ce534585
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhJd8j:hDXWipuE+K3/SSHgxh8j

Score

7^/10

Malware Config

Targets

- Target
  
  faffd019fd1c6ddb9a62aae66ff21f72_JaffaCakes118
- Size
  
  15KB
- MD5
  
  faffd019fd1c6ddb9a62aae66ff21f72
- SHA1
  
  6fcdc9d4eb764732508d78a6201d8e33e61005ce
- SHA256
  
  51d051b44d2d085ce46d20f652d1a5d75c73f29efa4a82f4ea1b64a1b4f2f71a
- SHA512
  
  4850364c05014039a58830cc3b06b316a4f9025d2e9c3469fac3d655e4aafcb1d8c63fb666fe377caa36c9541e628972bb5d0fe9d5f0697f20307518ce534585
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhJd8j:hDXWipuE+K3/SSHgxh8j
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2