6d56b99b840d03ffc5e06481a9f2dd2554d9b4ee6b5b5ae0b7d2b3713bfddb5e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5f4845cf504a9c45ad286c8ce9413d01_JaffaCakes118
Size

240KB
Sample

240520-qkmw5aca44
MD5

5f4845cf504a9c45ad286c8ce9413d01
SHA1

58ca18c9484c4c1b97222142f0f1aa9586871241
SHA256

6d56b99b840d03ffc5e06481a9f2dd2554d9b4ee6b5b5ae0b7d2b3713bfddb5e
SHA512

0ca4cbd65689be1a0cd03fe3609f47fb9c9062cda4636f0739518d0280935b1ca5cf582070656982bb83c3e9d3de4017fdbcae7ecfe0b2991e6b06d64faccfc6
SSDEEP

6144:9ZyMeM8GKfnY3GCgc1Xz8FbCddDoxoec0aU4dpW:9ZyMehG1cID8FbCddEaU4HW

Score

7^/10

Malware Config

Targets

- Target
  
  5f4845cf504a9c45ad286c8ce9413d01_JaffaCakes118
- Size
  
  240KB
- MD5
  
  5f4845cf504a9c45ad286c8ce9413d01
- SHA1
  
  58ca18c9484c4c1b97222142f0f1aa9586871241
- SHA256
  
  6d56b99b840d03ffc5e06481a9f2dd2554d9b4ee6b5b5ae0b7d2b3713bfddb5e
- SHA512
  
  0ca4cbd65689be1a0cd03fe3609f47fb9c9062cda4636f0739518d0280935b1ca5cf582070656982bb83c3e9d3de4017fdbcae7ecfe0b2991e6b06d64faccfc6
- SSDEEP
  
  6144:9ZyMeM8GKfnY3GCgc1Xz8FbCddDoxoec0aU4dpW:9ZyMehG1cID8FbCddEaU4HW
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2