ca0911347e67ffa58db9ccb00f178ba0d904124631173973dd547f68593cbd90 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86de7514562f471d0ef90cbf20b15827_JaffaCakes118
Size

254KB
Sample

240810-vbge7ssdlh
MD5

86de7514562f471d0ef90cbf20b15827
SHA1

19f7482b5dad8ac2a7967aee6658e100bf07dc12
SHA256

ca0911347e67ffa58db9ccb00f178ba0d904124631173973dd547f68593cbd90
SHA512

5701fc2a674ec74f18e31f518d9b0a2c064c37c1cd3ccb020c76b756f32c560d36ae567f79eb937e7539bc03aeb4d419270c873880eefc496fcd9f8a9584e752
SSDEEP

3072:BJazJIYo+Q8a5G/vMrka1SyLyrAbjYRliEC2adaFHFHAzlhBSPm56Bet:626a5G/v1a1vLyrlRli2JFlHAQe5mK

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  86de7514562f471d0ef90cbf20b15827_JaffaCakes118
- Size
  
  254KB
- MD5
  
  86de7514562f471d0ef90cbf20b15827
- SHA1
  
  19f7482b5dad8ac2a7967aee6658e100bf07dc12
- SHA256
  
  ca0911347e67ffa58db9ccb00f178ba0d904124631173973dd547f68593cbd90
- SHA512
  
  5701fc2a674ec74f18e31f518d9b0a2c064c37c1cd3ccb020c76b756f32c560d36ae567f79eb937e7539bc03aeb4d419270c873880eefc496fcd9f8a9584e752
- SSDEEP
  
  3072:BJazJIYo+Q8a5G/vMrka1SyLyrAbjYRliEC2adaFHFHAzlhBSPm56Bet:626a5G/v1a1vLyrlRli2JFlHAQe5mK
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2