d80834ee949603eee5f9978aa5632a9a3d93bb24827c7b581a68aa895051d25e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0749ca49d332ff80c4a5136c6dc76809_JaffaCakes118
Size

14KB
Sample

241001-y5x7layfqk
MD5

0749ca49d332ff80c4a5136c6dc76809
SHA1

037cf44521603e7759df764c6184f873541ba767
SHA256

d80834ee949603eee5f9978aa5632a9a3d93bb24827c7b581a68aa895051d25e
SHA512

c2de864cb7fc863f12315e841d5d2b6c43e4e3d0509124e3b8a73fa84542031cdcebc131d22a50d86c357c0866bbde83c1878698833c5b1d0e6a2c64ebb880f9
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY41n:hDXWipuE+K3/SSHgxmyn

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0749ca49d332ff80c4a5136c6dc76809_JaffaCakes118
- Size
  
  14KB
- MD5
  
  0749ca49d332ff80c4a5136c6dc76809
- SHA1
  
  037cf44521603e7759df764c6184f873541ba767
- SHA256
  
  d80834ee949603eee5f9978aa5632a9a3d93bb24827c7b581a68aa895051d25e
- SHA512
  
  c2de864cb7fc863f12315e841d5d2b6c43e4e3d0509124e3b8a73fa84542031cdcebc131d22a50d86c357c0866bbde83c1878698833c5b1d0e6a2c64ebb880f9
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY41n:hDXWipuE+K3/SSHgxmyn
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2