9b15dc59f3834f09e425cf568dd0b4c15fda0f6c622660f2867f46d0a68ed314 | Triage

Sharing

General

Target

5d1c08240c594cb1763c36c7713e3124_JaffaCakes118
Size

317KB
Sample

240520-eqzmbsba74
MD5

5d1c08240c594cb1763c36c7713e3124
SHA1

a73eb2756bd96a6640fa3a53eefcb5863939a59a
SHA256

9b15dc59f3834f09e425cf568dd0b4c15fda0f6c622660f2867f46d0a68ed314
SHA512

75d77a4a6aca400c667250a5ca039e92dd208a992c8e3991eb26f74ffaf639b374036e7f0153c5be4be71d5f5d73ce9420b1931de8f81201142fc8a4bcf233d2
SSDEEP

6144:phy579BvPxiiLbii5bkgVuN+xSKV7Wkrsf7LsmBE7dVe2dKSveo0A0Zw:/y579pJvXikbkgaISKVGMCkKSveVL6

Score

7^/10

Malware Config

Targets

- Target
  
  5d1c08240c594cb1763c36c7713e3124_JaffaCakes118
- Size
  
  317KB
- MD5
  
  5d1c08240c594cb1763c36c7713e3124
- SHA1
  
  a73eb2756bd96a6640fa3a53eefcb5863939a59a
- SHA256
  
  9b15dc59f3834f09e425cf568dd0b4c15fda0f6c622660f2867f46d0a68ed314
- SHA512
  
  75d77a4a6aca400c667250a5ca039e92dd208a992c8e3991eb26f74ffaf639b374036e7f0153c5be4be71d5f5d73ce9420b1931de8f81201142fc8a4bcf233d2
- SSDEEP
  
  6144:phy579BvPxiiLbii5bkgVuN+xSKV7Wkrsf7LsmBE7dVe2dKSveo0A0Zw:/y579pJvXikbkgaISKVGMCkKSveVL6
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2