1f4d41f2c43191f0d32f425d1f12dc44341a0cc422e4cb446f24ad3f552ab363 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e9b852573b4fbe5ba57ef3aa26918c9_JaffaCakes118
Size

13KB
Sample

241003-jemwlssapk
MD5

0e9b852573b4fbe5ba57ef3aa26918c9
SHA1

444599e42de02a3103282147fb842f20fe83f4b1
SHA256

1f4d41f2c43191f0d32f425d1f12dc44341a0cc422e4cb446f24ad3f552ab363
SHA512

203c230b502423d31b6500e0b7c7992177e3c33e03b1f7e7b41462a4fb48a9680fa067cd074a647a400374c37c21f801a0aece08dcb0ebf10d1b0626fbc6442e
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yh9:hDXWipuE+K3/SSHgxf

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0e9b852573b4fbe5ba57ef3aa26918c9_JaffaCakes118
- Size
  
  13KB
- MD5
  
  0e9b852573b4fbe5ba57ef3aa26918c9
- SHA1
  
  444599e42de02a3103282147fb842f20fe83f4b1
- SHA256
  
  1f4d41f2c43191f0d32f425d1f12dc44341a0cc422e4cb446f24ad3f552ab363
- SHA512
  
  203c230b502423d31b6500e0b7c7992177e3c33e03b1f7e7b41462a4fb48a9680fa067cd074a647a400374c37c21f801a0aece08dcb0ebf10d1b0626fbc6442e
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yh9:hDXWipuE+K3/SSHgxf
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2