7f4c9a51a16f9ffa37d2869c65c11a433d98a5209b93163a27ea011b2ff31329 | Triage

Sharing

General

Target

ff5af37897aa175a858d3dc86c0312e4_JaffaCakes118
Size

20KB
Sample

240421-qghs1acb87
MD5

ff5af37897aa175a858d3dc86c0312e4
SHA1

2979b2fdf98237bd448c172c59d6a3c14610e895
SHA256

7f4c9a51a16f9ffa37d2869c65c11a433d98a5209b93163a27ea011b2ff31329
SHA512

72655bcaa0a29da245b8653392804033f5362ebc06761549a874ffaaab419235cfa397755ec3875da49de670c1e097183ddb1197c8872313996a40cddb8432a6
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L4PSR:hDXWipuE+K3/SSHgxmHZPSR

Score

7^/10

Malware Config

Targets

- Target
  
  ff5af37897aa175a858d3dc86c0312e4_JaffaCakes118
- Size
  
  20KB
- MD5
  
  ff5af37897aa175a858d3dc86c0312e4
- SHA1
  
  2979b2fdf98237bd448c172c59d6a3c14610e895
- SHA256
  
  7f4c9a51a16f9ffa37d2869c65c11a433d98a5209b93163a27ea011b2ff31329
- SHA512
  
  72655bcaa0a29da245b8653392804033f5362ebc06761549a874ffaaab419235cfa397755ec3875da49de670c1e097183ddb1197c8872313996a40cddb8432a6
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L4PSR:hDXWipuE+K3/SSHgxmHZPSR
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2