4e7b5b4c5d512792e40674261bdb140c665ec1d2ad9c59ba62488105926d3e27 | Triage

Sharing

General

Target

03d2c7448c7fadf76e92549fe87cfb51_JaffaCakes118
Size

1.1MB
Sample

240427-2y5jwaag7x
MD5

03d2c7448c7fadf76e92549fe87cfb51
SHA1

41a97a2b3f07d2855825eb334e5ab5b3e7b2a226
SHA256

4e7b5b4c5d512792e40674261bdb140c665ec1d2ad9c59ba62488105926d3e27
SHA512

c5e241dffc86bc9f6a5567243a3b71efca36ae146f58a15c86505726b7f394167fc03b92e520e1832bc2f02edab06004f7c7fed082a39cc7d078cc5b4a7d6bba
SSDEEP

24576:D9f06aiwrFnio0DQuJRSjlVJrztBSP7w69jF1+0uq0tW:xs6aiwJiBIlVbBn6BF1Wq0tW

Score

7^/10

Malware Config

Targets

- Target
  
  03d2c7448c7fadf76e92549fe87cfb51_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  03d2c7448c7fadf76e92549fe87cfb51
- SHA1
  
  41a97a2b3f07d2855825eb334e5ab5b3e7b2a226
- SHA256
  
  4e7b5b4c5d512792e40674261bdb140c665ec1d2ad9c59ba62488105926d3e27
- SHA512
  
  c5e241dffc86bc9f6a5567243a3b71efca36ae146f58a15c86505726b7f394167fc03b92e520e1832bc2f02edab06004f7c7fed082a39cc7d078cc5b4a7d6bba
- SSDEEP
  
  24576:D9f06aiwrFnio0DQuJRSjlVJrztBSP7w69jF1+0uq0tW:xs6aiwJiBIlVbBn6BF1Wq0tW
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2