cd9d533709f24a9814501c11c6f9f4479eb978c57069d928445bf4024b4193b5 | Triage

Sharing

General

Target

ead36e0353e3a5da9428929635aa779f_JaffaCakes118
Size

214KB
Sample

240919-h1wj7sxapk
MD5

ead36e0353e3a5da9428929635aa779f
SHA1

f329566dd70212fe1713ce18f3e9517483944d51
SHA256

cd9d533709f24a9814501c11c6f9f4479eb978c57069d928445bf4024b4193b5
SHA512

037948faecb0a947077babe15f9ab7bed8149eb862a0f80f5c020c1b7fabf534db457c971984b59d3de200155d24c5db331b9b1216d3df6c4c6a39404131b4a3
SSDEEP

6144:34lRkAehaKuqT+FPF9s3bYK+3YTBcI1cm0ioWtF0JoXZ7S:3kWAehJuqT29sFND1cm0iCqu

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ead36e0353e3a5da9428929635aa779f_JaffaCakes118
- Size
  
  214KB
- MD5
  
  ead36e0353e3a5da9428929635aa779f
- SHA1
  
  f329566dd70212fe1713ce18f3e9517483944d51
- SHA256
  
  cd9d533709f24a9814501c11c6f9f4479eb978c57069d928445bf4024b4193b5
- SHA512
  
  037948faecb0a947077babe15f9ab7bed8149eb862a0f80f5c020c1b7fabf534db457c971984b59d3de200155d24c5db331b9b1216d3df6c4c6a39404131b4a3
- SSDEEP
  
  6144:34lRkAehaKuqT+FPF9s3bYK+3YTBcI1cm0ioWtF0JoXZ7S:3kWAehJuqT29sFND1cm0iCqu
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2