e0af586859b8acb210706bf8e31c7f06e83505ef96f3a0b696a97e38a032ed0f | Triage

Sharing

General

Target

46ff96f5af8ef17d5cc8e5a79dbfb40b_JaffaCakes118
Size

17KB
Sample

240714-w3929sscln
MD5

46ff96f5af8ef17d5cc8e5a79dbfb40b
SHA1

239957f49617bb4de5c41bc20babb0638855b35d
SHA256

e0af586859b8acb210706bf8e31c7f06e83505ef96f3a0b696a97e38a032ed0f
SHA512

82b8fc1085b154df5ee97dfb69f619a7db0f2fdfd2ca0e6c6f078c3a337eed0d0930c8978042bcfa316fc1c5f24fd00de0ee6f328fc58a2932fadb7bcc4b46f9
SSDEEP

384:0edQZBSx4hO2fCRHDXEutzk0cSnCpacoqj771KZx5jI0/JGO+AxTr6+I9PfYUDrV:Pd6xnC9DUSzkPSCVzrx0/JGOJxqLoI4+

Score

7^/10

Malware Config

Targets

- Target
  
  46ff96f5af8ef17d5cc8e5a79dbfb40b_JaffaCakes118
- Size
  
  17KB
- MD5
  
  46ff96f5af8ef17d5cc8e5a79dbfb40b
- SHA1
  
  239957f49617bb4de5c41bc20babb0638855b35d
- SHA256
  
  e0af586859b8acb210706bf8e31c7f06e83505ef96f3a0b696a97e38a032ed0f
- SHA512
  
  82b8fc1085b154df5ee97dfb69f619a7db0f2fdfd2ca0e6c6f078c3a337eed0d0930c8978042bcfa316fc1c5f24fd00de0ee6f328fc58a2932fadb7bcc4b46f9
- SSDEEP
  
  384:0edQZBSx4hO2fCRHDXEutzk0cSnCpacoqj771KZx5jI0/JGO+AxTr6+I9PfYUDrV:Pd6xnC9DUSzkPSCVzrx0/JGOJxqLoI4+
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2