473202c5035fccc0e2f205154730b35ad70e209dd37c79f37e9cefe7697046b2 | Triage

Sharing

General

Target

ffbd348ef894a33198b49af2bf26d8e6_JaffaCakes118
Size

15KB
Sample

240930-cldsyswgqc
MD5

ffbd348ef894a33198b49af2bf26d8e6
SHA1

ce92288c922195ccfd82b07695b856a463fd0c23
SHA256

473202c5035fccc0e2f205154730b35ad70e209dd37c79f37e9cefe7697046b2
SHA512

e8568094267ae3530815f8bfd8f06aba9b8df549acc2c3e802717e855eaaed6de55c0538a5df11c6de9600ae35c36927d4b1094340937fe83ee7c47a61265873
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhJEHI:hDXWipuE+K3/SSHgxWI

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ffbd348ef894a33198b49af2bf26d8e6_JaffaCakes118
- Size
  
  15KB
- MD5
  
  ffbd348ef894a33198b49af2bf26d8e6
- SHA1
  
  ce92288c922195ccfd82b07695b856a463fd0c23
- SHA256
  
  473202c5035fccc0e2f205154730b35ad70e209dd37c79f37e9cefe7697046b2
- SHA512
  
  e8568094267ae3530815f8bfd8f06aba9b8df549acc2c3e802717e855eaaed6de55c0538a5df11c6de9600ae35c36927d4b1094340937fe83ee7c47a61265873
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhJEHI:hDXWipuE+K3/SSHgxWI
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2