796f6164a7e8c17565f7f76c6c06bc4b4e3544a5a414ab3efb1811671ad51125 | Triage

Sharing

General

Target

63ab52937c3c1c9393181ef4ae32a1e9_JaffaCakes118
Size

405KB
Sample

240521-r5a9hahf4z
MD5

63ab52937c3c1c9393181ef4ae32a1e9
SHA1

22a397899a23ab43227ef5ca89141065b26e251c
SHA256

796f6164a7e8c17565f7f76c6c06bc4b4e3544a5a414ab3efb1811671ad51125
SHA512

e58fe5f2ee6bc59eaa295856e3a13c425e6ba1a35a42685872c26a4d6aec525179bcaf55a92f3eaa356792cc276eda7ae50b1376b2283043a2d0eb158e124a76
SSDEEP

6144:NHajM693leP42YvYLo+naiSVBQddhOihH30XidU0DCzncwF0Q7JY+7:Nmp9V4CA1IBOoidU0DCovQ7JD7

Score

7^/10

Malware Config

Targets

- Target
  
  63ab52937c3c1c9393181ef4ae32a1e9_JaffaCakes118
- Size
  
  405KB
- MD5
  
  63ab52937c3c1c9393181ef4ae32a1e9
- SHA1
  
  22a397899a23ab43227ef5ca89141065b26e251c
- SHA256
  
  796f6164a7e8c17565f7f76c6c06bc4b4e3544a5a414ab3efb1811671ad51125
- SHA512
  
  e58fe5f2ee6bc59eaa295856e3a13c425e6ba1a35a42685872c26a4d6aec525179bcaf55a92f3eaa356792cc276eda7ae50b1376b2283043a2d0eb158e124a76
- SSDEEP
  
  6144:NHajM693leP42YvYLo+naiSVBQddhOihH30XidU0DCzncwF0Q7JY+7:Nmp9V4CA1IBOoidU0DCovQ7JD7
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2