f3442220948be10ac6b5a0fc6b7d54e12ea5d93ed6ef8963ae927d9359df60d3 | Triage

Sharing

General

Target

672743cfe4e8b7ab9d0d79e32165ff70_JaffaCakes118
Size

167KB
Sample

240723-l72ata1dqn
MD5

672743cfe4e8b7ab9d0d79e32165ff70
SHA1

783ec1a765c0d0e73fb0a382d57285bf1a7f9ce2
SHA256

f3442220948be10ac6b5a0fc6b7d54e12ea5d93ed6ef8963ae927d9359df60d3
SHA512

3af74958bc765a8bfa93437168df21ba44d8ac8a1b006ec15084dfe672f9dd57555f552446f729aa593b42f1bd987f700ac4e2c9418a59d1f24669b46ea55059
SSDEEP

3072:tVX+U5ON1N662FEsc9xLFepY5/zuiGpDXozm9x7Zy4yb4+Hosfbn:Y6/cvLEq5LuVpDlz7wzo4j

Score

7^/10

Malware Config

Targets

- Target
  
  672743cfe4e8b7ab9d0d79e32165ff70_JaffaCakes118
- Size
  
  167KB
- MD5
  
  672743cfe4e8b7ab9d0d79e32165ff70
- SHA1
  
  783ec1a765c0d0e73fb0a382d57285bf1a7f9ce2
- SHA256
  
  f3442220948be10ac6b5a0fc6b7d54e12ea5d93ed6ef8963ae927d9359df60d3
- SHA512
  
  3af74958bc765a8bfa93437168df21ba44d8ac8a1b006ec15084dfe672f9dd57555f552446f729aa593b42f1bd987f700ac4e2c9418a59d1f24669b46ea55059
- SSDEEP
  
  3072:tVX+U5ON1N662FEsc9xLFepY5/zuiGpDXozm9x7Zy4yb4+Hosfbn:Y6/cvLEq5LuVpDlz7wzo4j
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2