4166a44f3e13dd539dbbfce1dcb5af47fac705f01fa864eb7dd1016beaaf8dc7 | Triage

Sharing

General

Target

0842e59497d6172c8f478909aa4c1c91_JaffaCakes118
Size

14KB
Sample

241002-bxd3eszhln
MD5

0842e59497d6172c8f478909aa4c1c91
SHA1

947164fdeee6adfea505b512cf8bbd0626878247
SHA256

4166a44f3e13dd539dbbfce1dcb5af47fac705f01fa864eb7dd1016beaaf8dc7
SHA512

7170af338e04fa31bc506f621abef3b4dbcd05ce3c40ac724689a0fbf92b8308eeea1f5657ed3ab9b67854b1cb10b93c04ea4feaa4d59bc3f6b36e1a2a4d0b96
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYWmba:hDXWipuE+K3/SSHgxmWmba

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0842e59497d6172c8f478909aa4c1c91_JaffaCakes118
- Size
  
  14KB
- MD5
  
  0842e59497d6172c8f478909aa4c1c91
- SHA1
  
  947164fdeee6adfea505b512cf8bbd0626878247
- SHA256
  
  4166a44f3e13dd539dbbfce1dcb5af47fac705f01fa864eb7dd1016beaaf8dc7
- SHA512
  
  7170af338e04fa31bc506f621abef3b4dbcd05ce3c40ac724689a0fbf92b8308eeea1f5657ed3ab9b67854b1cb10b93c04ea4feaa4d59bc3f6b36e1a2a4d0b96
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYWmba:hDXWipuE+K3/SSHgxmWmba
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2