080b0b44715036b0d88c55d7549861137775389ec1aff1297109425763e18592 | Triage

Sharing

General

Target

69c6cf03001a1ddc2c6fc1e4df454ae9_JaffaCakes118
Size

522KB
Sample

240724-b284cstfqg
MD5

69c6cf03001a1ddc2c6fc1e4df454ae9
SHA1

5e79b95d95f3352554d82f80f623cc1ab604ae05
SHA256

080b0b44715036b0d88c55d7549861137775389ec1aff1297109425763e18592
SHA512

1aa51f7e8d5ab7a7faa5b074ac0a8de94d96811fde8e1ae477fa0056112ed44888e9b26a74fff8847c09362dbd414b9f9afa48f20ee57c6297065c38e1a4a631
SSDEEP

12288:aCc7kWCGjhkqXiCAt3r758yeko9tyr4oDWc8G:aQNGjymXC3P5TwHYU

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  69c6cf03001a1ddc2c6fc1e4df454ae9_JaffaCakes118
- Size
  
  522KB
- MD5
  
  69c6cf03001a1ddc2c6fc1e4df454ae9
- SHA1
  
  5e79b95d95f3352554d82f80f623cc1ab604ae05
- SHA256
  
  080b0b44715036b0d88c55d7549861137775389ec1aff1297109425763e18592
- SHA512
  
  1aa51f7e8d5ab7a7faa5b074ac0a8de94d96811fde8e1ae477fa0056112ed44888e9b26a74fff8847c09362dbd414b9f9afa48f20ee57c6297065c38e1a4a631
- SSDEEP
  
  12288:aCc7kWCGjhkqXiCAt3r758yeko9tyr4oDWc8G:aQNGjymXC3P5TwHYU
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2