70f6978a4c00b25f4e1ee28215c868cb560fbd65ce102c3d48c0a3fcc1987a16 | Triage

Sharing

General

Target

03c5657911edeb3b44ef2474f2d6c58b_JaffaCakes118
Size

277KB
Sample

240427-2e9pgsaa44
MD5

03c5657911edeb3b44ef2474f2d6c58b
SHA1

a4f94422723b2b33477fd6961544088c481ed327
SHA256

70f6978a4c00b25f4e1ee28215c868cb560fbd65ce102c3d48c0a3fcc1987a16
SHA512

9dccd1d696683929743ff813d612cb480b4614aba083e1be80405fa1eb372fa8cb24b13fd4702cc3e2cf316c2dd44f1b033c93f3b38e6bfb922c12e54ae9c319
SSDEEP

6144:8LaARS0LBZmht0eQMlvNjwD4CAVvmEYX303EHweC78DjVsxd:8mAU0LrK6Mlvp6MUn0Des8DxQd

Score

7^/10

Malware Config

Targets

- Target
  
  03c5657911edeb3b44ef2474f2d6c58b_JaffaCakes118
- Size
  
  277KB
- MD5
  
  03c5657911edeb3b44ef2474f2d6c58b
- SHA1
  
  a4f94422723b2b33477fd6961544088c481ed327
- SHA256
  
  70f6978a4c00b25f4e1ee28215c868cb560fbd65ce102c3d48c0a3fcc1987a16
- SHA512
  
  9dccd1d696683929743ff813d612cb480b4614aba083e1be80405fa1eb372fa8cb24b13fd4702cc3e2cf316c2dd44f1b033c93f3b38e6bfb922c12e54ae9c319
- SSDEEP
  
  6144:8LaARS0LBZmht0eQMlvNjwD4CAVvmEYX303EHweC78DjVsxd:8mAU0LrK6Mlvp6MUn0Des8DxQd
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2