b152f7bd3eb844c0df044a72c44b83f6a01ec7cab3a4ede1e3e8053554498031 | Triage

Sharing

General

Target

824199573c216eb291634340682e673e_JaffaCakes118
Size

93KB
Sample

240802-ab15dstdqp
MD5

824199573c216eb291634340682e673e
SHA1

4bebc107a323cd17cc1b70b3b4ae804c7fb09ba5
SHA256

b152f7bd3eb844c0df044a72c44b83f6a01ec7cab3a4ede1e3e8053554498031
SHA512

ee2f7a2f67c730eb111e1d27d0ee879558473197b0a44b57cc6c62f6b278445e58e1487e13ce62bf87260b5b709daefe5ab031fcea452ce7bd3bdb619adfe43d
SSDEEP

1536:JcHB9bZy2vYmcPBEbnm3o7Wxwh+2qIZv4eVLSwl:JcHB9bZyGcPBEbn/7JhDweJ5l

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  824199573c216eb291634340682e673e_JaffaCakes118
- Size
  
  93KB
- MD5
  
  824199573c216eb291634340682e673e
- SHA1
  
  4bebc107a323cd17cc1b70b3b4ae804c7fb09ba5
- SHA256
  
  b152f7bd3eb844c0df044a72c44b83f6a01ec7cab3a4ede1e3e8053554498031
- SHA512
  
  ee2f7a2f67c730eb111e1d27d0ee879558473197b0a44b57cc6c62f6b278445e58e1487e13ce62bf87260b5b709daefe5ab031fcea452ce7bd3bdb619adfe43d
- SSDEEP
  
  1536:JcHB9bZy2vYmcPBEbnm3o7Wxwh+2qIZv4eVLSwl:JcHB9bZyGcPBEbn/7JhDweJ5l
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2