1e3dabce3c3fed5c436e324c353f1be38be6aea29aac90db3c2d9c6dd066e00c | Triage

Sharing

General

Target

0840f2a5075f1bb3ed2c1ad89a47057b_JaffaCakes118
Size

250KB
Sample

241002-bvpfdatgqb
MD5

0840f2a5075f1bb3ed2c1ad89a47057b
SHA1

81752d5ffa1933433f009a9bb8cc9ac1ad2490b5
SHA256

1e3dabce3c3fed5c436e324c353f1be38be6aea29aac90db3c2d9c6dd066e00c
SHA512

ba9acfbcfb8d5c278e0b3001087cf787fd85837aa02a6a40b38605ce9096b6d7c0ec47c184c3cc8faf3dc4f5843bf01e48f9d8622b0fd57036302fc74bacea79
SSDEEP

3072:rQpH1+b2BUFjoVYAeHV0pkXtV1YrrTsGAEGZqFNLzYNXLXC7arPYbBfeQwwgAnA:k6SBgjiYKk9yIGAJQFmTqSoxeQQyA

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0840f2a5075f1bb3ed2c1ad89a47057b_JaffaCakes118
- Size
  
  250KB
- MD5
  
  0840f2a5075f1bb3ed2c1ad89a47057b
- SHA1
  
  81752d5ffa1933433f009a9bb8cc9ac1ad2490b5
- SHA256
  
  1e3dabce3c3fed5c436e324c353f1be38be6aea29aac90db3c2d9c6dd066e00c
- SHA512
  
  ba9acfbcfb8d5c278e0b3001087cf787fd85837aa02a6a40b38605ce9096b6d7c0ec47c184c3cc8faf3dc4f5843bf01e48f9d8622b0fd57036302fc74bacea79
- SSDEEP
  
  3072:rQpH1+b2BUFjoVYAeHV0pkXtV1YrrTsGAEGZqFNLzYNXLXC7arPYbBfeQwwgAnA:k6SBgjiYKk9yIGAJQFmTqSoxeQQyA
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2