967826854ab0e5d0a53ef9e4ee83ba97cb908651744ba10e369a99c76330f67b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da058ca6868e8b88d5abe99bfd43e742_JaffaCakes118
Size

14KB
Sample

240911-k3pksatbne
MD5

da058ca6868e8b88d5abe99bfd43e742
SHA1

48f24ef442a77e6e1a998d484152ae1238380391
SHA256

967826854ab0e5d0a53ef9e4ee83ba97cb908651744ba10e369a99c76330f67b
SHA512

ab21d34faeffb9ebf15868e48c87cd7790e439478b0fbeb7aeff04d15a341b9e254487ca67bb643a91f470f39cb49771f4da08e81e886bb72cf1114212989e27
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlz9:hDXWipuE+K3/SSHgxmlh

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  da058ca6868e8b88d5abe99bfd43e742_JaffaCakes118
- Size
  
  14KB
- MD5
  
  da058ca6868e8b88d5abe99bfd43e742
- SHA1
  
  48f24ef442a77e6e1a998d484152ae1238380391
- SHA256
  
  967826854ab0e5d0a53ef9e4ee83ba97cb908651744ba10e369a99c76330f67b
- SHA512
  
  ab21d34faeffb9ebf15868e48c87cd7790e439478b0fbeb7aeff04d15a341b9e254487ca67bb643a91f470f39cb49771f4da08e81e886bb72cf1114212989e27
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlz9:hDXWipuE+K3/SSHgxmlh
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2