16099f4d008095f98a0a4b678dea41ac10dd0b763b82ff24b747399b88c29967 | Triage

Sharing

General

Target

a0763171103e92a0af25c9dfe6787cf6_JaffaCakes118
Size

412KB
Sample

240612-ncawgssekh
MD5

a0763171103e92a0af25c9dfe6787cf6
SHA1

b9d3beaf4071f4ada3ccc1cbe5ea6afd1a76c0a1
SHA256

16099f4d008095f98a0a4b678dea41ac10dd0b763b82ff24b747399b88c29967
SHA512

88bc6d6af72ed96311341629020cb1ddb4dcd4a5307f1d266cae20e7f3271d78136ab82709d48c41a357398f7bddf4067023e52779f982c8a4c13a4a8e535724
SSDEEP

6144:DPGH/TuTa1OzLr7nkCZsqHrqAOKAOKHZJNUxSNGztR8bmsQQ5T5HHkmc:DEifsqHrqQQNUncbmslT1c

Score

7^/10

Malware Config

Targets

- Target
  
  a0763171103e92a0af25c9dfe6787cf6_JaffaCakes118
- Size
  
  412KB
- MD5
  
  a0763171103e92a0af25c9dfe6787cf6
- SHA1
  
  b9d3beaf4071f4ada3ccc1cbe5ea6afd1a76c0a1
- SHA256
  
  16099f4d008095f98a0a4b678dea41ac10dd0b763b82ff24b747399b88c29967
- SHA512
  
  88bc6d6af72ed96311341629020cb1ddb4dcd4a5307f1d266cae20e7f3271d78136ab82709d48c41a357398f7bddf4067023e52779f982c8a4c13a4a8e535724
- SSDEEP
  
  6144:DPGH/TuTa1OzLr7nkCZsqHrqAOKAOKHZJNUxSNGztR8bmsQQ5T5HHkmc:DEifsqHrqQQNUncbmslT1c
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2