8905ed9a1de99b7e5451a80654d7c8161c845a6b914532f03bb7a484c01d632d | Triage

Sharing

General

Target

ff56fe5666997d26f95a8db7068e0079_JaffaCakes118
Size

264KB
Sample

240421-qa8qvaca86
MD5

ff56fe5666997d26f95a8db7068e0079
SHA1

308466709bf45c1c4211656958aa343435286aab
SHA256

8905ed9a1de99b7e5451a80654d7c8161c845a6b914532f03bb7a484c01d632d
SHA512

4203dff75caed0e1bc8008e6175cbfcdedd8e1c1eaf47db4216d57a879b619e2a7ea60da5cab64176e534bfb53074bc1e3666f7f7aaa6eec692a21b882035400
SSDEEP

3072:uFCUs5/OfdffBoK/PyP3dOh/z51HUvtw2tpNskX+ZcBqkDGvtABJhqSAQL+NmPWl:5Ol5pPyV+/Vsw2tpNs7ZcZKwqjQLoj

Score

7^/10

Malware Config

Targets

- Target
  
  ff56fe5666997d26f95a8db7068e0079_JaffaCakes118
- Size
  
  264KB
- MD5
  
  ff56fe5666997d26f95a8db7068e0079
- SHA1
  
  308466709bf45c1c4211656958aa343435286aab
- SHA256
  
  8905ed9a1de99b7e5451a80654d7c8161c845a6b914532f03bb7a484c01d632d
- SHA512
  
  4203dff75caed0e1bc8008e6175cbfcdedd8e1c1eaf47db4216d57a879b619e2a7ea60da5cab64176e534bfb53074bc1e3666f7f7aaa6eec692a21b882035400
- SSDEEP
  
  3072:uFCUs5/OfdffBoK/PyP3dOh/z51HUvtw2tpNskX+ZcBqkDGvtABJhqSAQL+NmPWl:5Ol5pPyV+/Vsw2tpNs7ZcZKwqjQLoj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2