4af107c2bf1a685b6d22a3ed5835ace0910c867330edeef80c0f9d2a88f19f6d | Triage

Sharing

General

Target

1c1f6a017b6ad853c104a4694e2a7db3_JaffaCakes118
Size

479KB
Sample

240701-xjaczatdqa
MD5

1c1f6a017b6ad853c104a4694e2a7db3
SHA1

2de1f92d9b17acb1240bc55078d20b3b72d19deb
SHA256

4af107c2bf1a685b6d22a3ed5835ace0910c867330edeef80c0f9d2a88f19f6d
SHA512

6c3b05c154f9b63ac3332c19845bf69b6ae911e8c23e34688bb28bd11d2a30e3129466cbd6178ab1bf17879a3fe327cacaee3b365159b53fba0f0bf345034a27
SSDEEP

12288:4vr3ZBIRjIqcY0soQ9jjjQGx7OzIEyt6RjMrgy:47ZB2jIqcYxoQ9cBpjCgy

Score

7^/10

Malware Config

Targets

- Target
  
  1c1f6a017b6ad853c104a4694e2a7db3_JaffaCakes118
- Size
  
  479KB
- MD5
  
  1c1f6a017b6ad853c104a4694e2a7db3
- SHA1
  
  2de1f92d9b17acb1240bc55078d20b3b72d19deb
- SHA256
  
  4af107c2bf1a685b6d22a3ed5835ace0910c867330edeef80c0f9d2a88f19f6d
- SHA512
  
  6c3b05c154f9b63ac3332c19845bf69b6ae911e8c23e34688bb28bd11d2a30e3129466cbd6178ab1bf17879a3fe327cacaee3b365159b53fba0f0bf345034a27
- SSDEEP
  
  12288:4vr3ZBIRjIqcY0soQ9jjjQGx7OzIEyt6RjMrgy:47ZB2jIqcYxoQ9cBpjCgy
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2