254ea2fb1c31685e634a26c379a2742661901686f1a0fdf38fcfc8060d59cde6 | Triage

Sharing

General

Target

JaffaCakes118_f9d1a277b59230d9739d5fedecb6ed8b
Size

20KB
Sample

250111-hgsn7syrbs
MD5

f9d1a277b59230d9739d5fedecb6ed8b
SHA1

b61d7caad9552eb9ace84c77c4fa1c6850cb6484
SHA256

254ea2fb1c31685e634a26c379a2742661901686f1a0fdf38fcfc8060d59cde6
SHA512

ff238e9980591b71e1abaa91b86914a6870a2da4a41c4d9dfe26ac63f66766532babaaf603c482abc73ac9da4f15d2741d4a1db0ad3f018470cf05c93ab868cb
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L4PRSV:hDXWipuE+K3/SSHgxmHZPRy

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  JaffaCakes118_f9d1a277b59230d9739d5fedecb6ed8b
- Size
  
  20KB
- MD5
  
  f9d1a277b59230d9739d5fedecb6ed8b
- SHA1
  
  b61d7caad9552eb9ace84c77c4fa1c6850cb6484
- SHA256
  
  254ea2fb1c31685e634a26c379a2742661901686f1a0fdf38fcfc8060d59cde6
- SHA512
  
  ff238e9980591b71e1abaa91b86914a6870a2da4a41c4d9dfe26ac63f66766532babaaf603c482abc73ac9da4f15d2741d4a1db0ad3f018470cf05c93ab868cb
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L4PRSV:hDXWipuE+K3/SSHgxmHZPRy
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2