150a501850051370cfbee31c0677c9f5db92217fa41111d0f7d594b3c5c4835e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4bb66a3cadf4ad2daaec44a0ed02489c_JaffaCakes118
Size

471KB
Sample

240516-slrmtaad6v
MD5

4bb66a3cadf4ad2daaec44a0ed02489c
SHA1

1894cb3035627c03e224ca9936b318f19b3c95c1
SHA256

150a501850051370cfbee31c0677c9f5db92217fa41111d0f7d594b3c5c4835e
SHA512

e88ff709cda75b1477aef25798cab2139fbdf833508024df07b669d699ebd961486df7dca63f0f3a4da4ee27d006438811d0ed4d54deafcb2fbaa2e0d361294b
SSDEEP

6144:Vmsyd7BspOWZ+Stxo3Gc2uqy3gu88mWCMpCRWFf2Kj+m+6XjY1x:BpO3StxwGc2c3tfmfsCRA22+m+8ux

Score

7^/10

Malware Config

Targets

- Target
  
  4bb66a3cadf4ad2daaec44a0ed02489c_JaffaCakes118
- Size
  
  471KB
- MD5
  
  4bb66a3cadf4ad2daaec44a0ed02489c
- SHA1
  
  1894cb3035627c03e224ca9936b318f19b3c95c1
- SHA256
  
  150a501850051370cfbee31c0677c9f5db92217fa41111d0f7d594b3c5c4835e
- SHA512
  
  e88ff709cda75b1477aef25798cab2139fbdf833508024df07b669d699ebd961486df7dca63f0f3a4da4ee27d006438811d0ed4d54deafcb2fbaa2e0d361294b
- SSDEEP
  
  6144:Vmsyd7BspOWZ+Stxo3Gc2uqy3gu88mWCMpCRWFf2Kj+m+6XjY1x:BpO3StxwGc2c3tfmfsCRA22+m+8ux
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2