0bb29b185d99135632b822e5c4db42f2959f9e1c87d710c50f0e38b3de4fbd56 | Triage

Sharing

General

Target

e13a8a9d973f08811f348aa3ef3c8f77_JaffaCakes118
Size

319KB
Sample

240914-28dh5ssejc
MD5

e13a8a9d973f08811f348aa3ef3c8f77
SHA1

a6b4023d1447144e4030e196743803ce86a5eb5e
SHA256

0bb29b185d99135632b822e5c4db42f2959f9e1c87d710c50f0e38b3de4fbd56
SHA512

55cb82b903867bec3ae67e1bb24bdafde5bcd3656f8f545db5c5b26df58e5f1f4461daaf2acc2a46ee930d9bd1ff6f189e8a94267fef277a52b392e78553531b
SSDEEP

6144:/0IZ0/J8lG4tLwqCWkvaa5dVcVe9EXC74aR+UumBaa5G:MIZIJ8lG4tH8L542f4AVa3

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  e13a8a9d973f08811f348aa3ef3c8f77_JaffaCakes118
- Size
  
  319KB
- MD5
  
  e13a8a9d973f08811f348aa3ef3c8f77
- SHA1
  
  a6b4023d1447144e4030e196743803ce86a5eb5e
- SHA256
  
  0bb29b185d99135632b822e5c4db42f2959f9e1c87d710c50f0e38b3de4fbd56
- SHA512
  
  55cb82b903867bec3ae67e1bb24bdafde5bcd3656f8f545db5c5b26df58e5f1f4461daaf2acc2a46ee930d9bd1ff6f189e8a94267fef277a52b392e78553531b
- SSDEEP
  
  6144:/0IZ0/J8lG4tLwqCWkvaa5dVcVe9EXC74aR+UumBaa5G:MIZIJ8lG4tH8L542f4AVa3
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2