45f2db7fb385a0b897ced85ad47b0dfe282b217864cf8c30eac5b5c06b632b3d | Triage

Sharing

General

Target

17e83badf5d724560a8a2463ea52e916_JaffaCakes118
Size

14KB
Sample

241006-nmgf1s1frr
MD5

17e83badf5d724560a8a2463ea52e916
SHA1

0857485e02cd49c0c77a38788211e718f6129b78
SHA256

45f2db7fb385a0b897ced85ad47b0dfe282b217864cf8c30eac5b5c06b632b3d
SHA512

fc59563f2c43890d78ce3f53b83ea6b59f580b34707b8520961399ad35b6b078f3388be7393ded90646f08eb768a623e28c85251e9292946fef38cf4afb8a5de
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYi:hDXWipuE+K3/SSHgxmi

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  17e83badf5d724560a8a2463ea52e916_JaffaCakes118
- Size
  
  14KB
- MD5
  
  17e83badf5d724560a8a2463ea52e916
- SHA1
  
  0857485e02cd49c0c77a38788211e718f6129b78
- SHA256
  
  45f2db7fb385a0b897ced85ad47b0dfe282b217864cf8c30eac5b5c06b632b3d
- SHA512
  
  fc59563f2c43890d78ce3f53b83ea6b59f580b34707b8520961399ad35b6b078f3388be7393ded90646f08eb768a623e28c85251e9292946fef38cf4afb8a5de
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYi:hDXWipuE+K3/SSHgxmi
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2