4477f07e443931c3273827a0a8d9e91ea079479c11f5f9cd168901ed19e1a802 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

278971bcb86e55eb280f536b4f245d5d_JaffaCakes118
Size

15KB
Sample

241009-ahff9ssann
MD5

278971bcb86e55eb280f536b4f245d5d
SHA1

1d5a78b55b13a8c478be15bc6b28544c0ff1422d
SHA256

4477f07e443931c3273827a0a8d9e91ea079479c11f5f9cd168901ed19e1a802
SHA512

44b558cf2ec1f3250153a55b5b0a76fedb3899969883e76e86a413a1db89b1d3b5510d40871de2485212b689a954a6ce2faceeb63161c6f817d6fb2eebb132eb
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMxK:hDXWipuE+K3/SSHgxmHU

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  278971bcb86e55eb280f536b4f245d5d_JaffaCakes118
- Size
  
  15KB
- MD5
  
  278971bcb86e55eb280f536b4f245d5d
- SHA1
  
  1d5a78b55b13a8c478be15bc6b28544c0ff1422d
- SHA256
  
  4477f07e443931c3273827a0a8d9e91ea079479c11f5f9cd168901ed19e1a802
- SHA512
  
  44b558cf2ec1f3250153a55b5b0a76fedb3899969883e76e86a413a1db89b1d3b5510d40871de2485212b689a954a6ce2faceeb63161c6f817d6fb2eebb132eb
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMxK:hDXWipuE+K3/SSHgxmHU
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2