0ce3670ee79151fee65be5e9a41dc16e04b653c5cf3f39e282ead0280ec836e3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

374728010db560a17581324230b94736_JaffaCakes118
Size

15KB
Sample

241011-25r75ayhme
MD5

374728010db560a17581324230b94736
SHA1

75034f9a3592c633be370cd398504a8101a3b75d
SHA256

0ce3670ee79151fee65be5e9a41dc16e04b653c5cf3f39e282ead0280ec836e3
SHA512

2aa1ededa36c57108dbadeb7ca07f8becd97a108d693923a6f7c138c958ba6898973e7be769a1092d4e4ab2a6233b0f075ebbfc7f0fb56e57e38a778a911a198
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMxZaf:hDXWipuE+K3/SSHgxmH6

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  374728010db560a17581324230b94736_JaffaCakes118
- Size
  
  15KB
- MD5
  
  374728010db560a17581324230b94736
- SHA1
  
  75034f9a3592c633be370cd398504a8101a3b75d
- SHA256
  
  0ce3670ee79151fee65be5e9a41dc16e04b653c5cf3f39e282ead0280ec836e3
- SHA512
  
  2aa1ededa36c57108dbadeb7ca07f8becd97a108d693923a6f7c138c958ba6898973e7be769a1092d4e4ab2a6233b0f075ebbfc7f0fb56e57e38a778a911a198
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMxZaf:hDXWipuE+K3/SSHgxmH6
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2