5d02a6ea1442f7ff05ccb7ec9f3861eba70ccf904579b4f0bbe611b2b9f887e8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4456f0494e71973e04c9f1f112a1a163_JaffaCakes118
Size

19KB
Sample

240714-e9ndeawhpk
MD5

4456f0494e71973e04c9f1f112a1a163
SHA1

b95b4e188b08050ada53adca43fd25e0e30f9826
SHA256

5d02a6ea1442f7ff05ccb7ec9f3861eba70ccf904579b4f0bbe611b2b9f887e8
SHA512

550c0653eb727bdf02e4c4a6fac493380e15ae49364a9104aa32d79003462bb045df83d9c3bda01c504e6446903f67c6c2a0f4d882395e45acbf594355f5e5d1
SSDEEP

384:ZkyUZvppfbDWNKDL4YV+g3/TITcUs6VUpopnSS6vZuwfEB/fN:3UN/34bYV+qIBWormZvonN

Score

7^/10

Malware Config

Targets

- Target
  
  4456f0494e71973e04c9f1f112a1a163_JaffaCakes118
- Size
  
  19KB
- MD5
  
  4456f0494e71973e04c9f1f112a1a163
- SHA1
  
  b95b4e188b08050ada53adca43fd25e0e30f9826
- SHA256
  
  5d02a6ea1442f7ff05ccb7ec9f3861eba70ccf904579b4f0bbe611b2b9f887e8
- SHA512
  
  550c0653eb727bdf02e4c4a6fac493380e15ae49364a9104aa32d79003462bb045df83d9c3bda01c504e6446903f67c6c2a0f4d882395e45acbf594355f5e5d1
- SSDEEP
  
  384:ZkyUZvppfbDWNKDL4YV+g3/TITcUs6VUpopnSS6vZuwfEB/fN:3UN/34bYV+qIBWormZvonN
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2