148ed2da8b43bc06740e22ce1851aaf2d0859780d3c452fee4ef5807857c2bf1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6205a064396c8a7d39f3386d8868495a_JaffaCakes118
Size

15KB
Sample

240722-amdhgascjb
MD5

6205a064396c8a7d39f3386d8868495a
SHA1

5be8fee97e7217d2b9ba0205da9414f8077f509a
SHA256

148ed2da8b43bc06740e22ce1851aaf2d0859780d3c452fee4ef5807857c2bf1
SHA512

2d011e4efd00992e45c0a308d146a0b1687f9fbca97f631b8a24e9ab825b00ffd3a3eb584cabd09b7f6c88223d622f603398afca5edc86cd38cb73d1c3049961
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY84/p:hDXWipuE+K3/SSHgxm84/p

Score

7^/10

Malware Config

Targets

- Target
  
  6205a064396c8a7d39f3386d8868495a_JaffaCakes118
- Size
  
  15KB
- MD5
  
  6205a064396c8a7d39f3386d8868495a
- SHA1
  
  5be8fee97e7217d2b9ba0205da9414f8077f509a
- SHA256
  
  148ed2da8b43bc06740e22ce1851aaf2d0859780d3c452fee4ef5807857c2bf1
- SHA512
  
  2d011e4efd00992e45c0a308d146a0b1687f9fbca97f631b8a24e9ab825b00ffd3a3eb584cabd09b7f6c88223d622f603398afca5edc86cd38cb73d1c3049961
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY84/p:hDXWipuE+K3/SSHgxm84/p
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2