557f5f395cbe29723b82ace9db14c0d987bb443e88456ccafbc72b35a4848845 | Triage

Sharing

General

Target

1072583e762a79beb71955d348da8a83_JaffaCakes118
Size

14KB
Sample

241003-zh1jwawarm
MD5

1072583e762a79beb71955d348da8a83
SHA1

67ec405f66326ee11d86cf74e549f887703519c2
SHA256

557f5f395cbe29723b82ace9db14c0d987bb443e88456ccafbc72b35a4848845
SHA512

9393c0959d72410b938736ac05ee5304e3af2a2639343064a7a01f841020bccf88ddf80a2e4c9cd71d4e239001fcdb585a14f28fec87c9caf542b467a27b3c4b
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhZge:hDXWipuE+K3/SSHgx3V

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  1072583e762a79beb71955d348da8a83_JaffaCakes118
- Size
  
  14KB
- MD5
  
  1072583e762a79beb71955d348da8a83
- SHA1
  
  67ec405f66326ee11d86cf74e549f887703519c2
- SHA256
  
  557f5f395cbe29723b82ace9db14c0d987bb443e88456ccafbc72b35a4848845
- SHA512
  
  9393c0959d72410b938736ac05ee5304e3af2a2639343064a7a01f841020bccf88ddf80a2e4c9cd71d4e239001fcdb585a14f28fec87c9caf542b467a27b3c4b
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhZge:hDXWipuE+K3/SSHgx3V
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2