04ca7f4583896b615ebb662c8e7c6eb36ede6c05f836ab1457b3d0c9d10dc302 | Triage

Sharing

General

Target

67e9a242f98b89b2e9b97c6b18fa52a4_JaffaCakes118
Size

14KB
Sample

240723-rnpqkaxdne
MD5

67e9a242f98b89b2e9b97c6b18fa52a4
SHA1

a1ff53748f8519c80d12d653abfee750026910bb
SHA256

04ca7f4583896b615ebb662c8e7c6eb36ede6c05f836ab1457b3d0c9d10dc302
SHA512

f269c6f964d6119965148ffcd4464f75a05ca680dbc011b6789e479b8b939fe2600ecfebf7396cf5d6f935b125b6068d9b027414468a5d1d1d6dd3d0021fd753
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY/Q:hDXWipuE+K3/SSHgxm/Q

Score

7^/10

Malware Config

Targets

- Target
  
  67e9a242f98b89b2e9b97c6b18fa52a4_JaffaCakes118
- Size
  
  14KB
- MD5
  
  67e9a242f98b89b2e9b97c6b18fa52a4
- SHA1
  
  a1ff53748f8519c80d12d653abfee750026910bb
- SHA256
  
  04ca7f4583896b615ebb662c8e7c6eb36ede6c05f836ab1457b3d0c9d10dc302
- SHA512
  
  f269c6f964d6119965148ffcd4464f75a05ca680dbc011b6789e479b8b939fe2600ecfebf7396cf5d6f935b125b6068d9b027414468a5d1d1d6dd3d0021fd753
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY/Q:hDXWipuE+K3/SSHgxm/Q
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2