05bbab0386133ba28831074ee7546b2602807c44c22331599bed0a6b72736f25 | Triage

Sharing

General

Target

fdde02ffc0c11e37597f16e75443951c_JaffaCakes118
Size

212KB
Sample

240420-25rllacd43
MD5

fdde02ffc0c11e37597f16e75443951c
SHA1

a6e186c8e7d3840dbc8400e11601dd3ac2ebd8a2
SHA256

05bbab0386133ba28831074ee7546b2602807c44c22331599bed0a6b72736f25
SHA512

3be9bf4dc19d3ceeac2a3908aadb5f131671ee77d3fc214595c0880e987258432a41b940ded180075fce378a52b2f2905e90fd4ede23715221423cfb7c32d824
SSDEEP

3072:JPFIGJkYW3qeavs02vkk6eslROTBSmAJHrzhIiL+5X/h1osrXLuldnzsGvYm:JOGJkY2Nvkk6dlRCS59P3G5frql+Fm

Score

7^/10

Malware Config

Targets

- Target
  
  fdde02ffc0c11e37597f16e75443951c_JaffaCakes118
- Size
  
  212KB
- MD5
  
  fdde02ffc0c11e37597f16e75443951c
- SHA1
  
  a6e186c8e7d3840dbc8400e11601dd3ac2ebd8a2
- SHA256
  
  05bbab0386133ba28831074ee7546b2602807c44c22331599bed0a6b72736f25
- SHA512
  
  3be9bf4dc19d3ceeac2a3908aadb5f131671ee77d3fc214595c0880e987258432a41b940ded180075fce378a52b2f2905e90fd4ede23715221423cfb7c32d824
- SSDEEP
  
  3072:JPFIGJkYW3qeavs02vkk6eslROTBSmAJHrzhIiL+5X/h1osrXLuldnzsGvYm:JOGJkY2Nvkk6dlRCS59P3G5frql+Fm
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2