ea818cdf1f7510d8d167f9898e3130f6656960d7bb16a2c938fc43d4f538ea4f | Triage

Sharing

General

Target

44ed37df880b56f52a1149354083d167_JaffaCakes118
Size

184KB
Sample

241015-asac1athjc
MD5

44ed37df880b56f52a1149354083d167
SHA1

c41d9728dbc6aa51f3f88755b7c1e072f80e010f
SHA256

ea818cdf1f7510d8d167f9898e3130f6656960d7bb16a2c938fc43d4f538ea4f
SHA512

553a9d10f8ffb2e6b03d144bcda5eb4ab19407e3b365f8c222835e928ccf1b66ba9dfb31afbadfa885e0cb0a5f4c46b96a915d7cc02f9caa5b2891f1f049b4a7
SSDEEP

3072:yGkx3zz8yFuVZa5STVjSec0D5B7gl98XY4gK5m0VQi0U:yGkJAsuVZVjSec0DjklKfmk0

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  44ed37df880b56f52a1149354083d167_JaffaCakes118
- Size
  
  184KB
- MD5
  
  44ed37df880b56f52a1149354083d167
- SHA1
  
  c41d9728dbc6aa51f3f88755b7c1e072f80e010f
- SHA256
  
  ea818cdf1f7510d8d167f9898e3130f6656960d7bb16a2c938fc43d4f538ea4f
- SHA512
  
  553a9d10f8ffb2e6b03d144bcda5eb4ab19407e3b365f8c222835e928ccf1b66ba9dfb31afbadfa885e0cb0a5f4c46b96a915d7cc02f9caa5b2891f1f049b4a7
- SSDEEP
  
  3072:yGkx3zz8yFuVZa5STVjSec0D5B7gl98XY4gK5m0VQi0U:yGkJAsuVZVjSec0DjklKfmk0
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2