ac7699a7ff7ef0ea4473ce4dd6391ed175be53e3c5e884a94ffd51788a008538 | Triage

Sharing

General

Target

JaffaCakes118_f9fde476b15ad9fe7da9a629f280ae8c
Size

16KB
Sample

250111-hlsvrsskgp
MD5

f9fde476b15ad9fe7da9a629f280ae8c
SHA1

1e06abb6ceceef9fee6170b0590114979e4c1f2c
SHA256

ac7699a7ff7ef0ea4473ce4dd6391ed175be53e3c5e884a94ffd51788a008538
SHA512

df3256bd480ac979ab11d150e9ef28fbce3d82b82492bead078bea7e5bbd9ff4383d2dfcd5b78bccd64c9e41764ff0d3045402a67e5b2cabee4a9b11d896aebe
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY0Fi:hDXWipuE+K3/SSHgxm0Q

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  JaffaCakes118_f9fde476b15ad9fe7da9a629f280ae8c
- Size
  
  16KB
- MD5
  
  f9fde476b15ad9fe7da9a629f280ae8c
- SHA1
  
  1e06abb6ceceef9fee6170b0590114979e4c1f2c
- SHA256
  
  ac7699a7ff7ef0ea4473ce4dd6391ed175be53e3c5e884a94ffd51788a008538
- SHA512
  
  df3256bd480ac979ab11d150e9ef28fbce3d82b82492bead078bea7e5bbd9ff4383d2dfcd5b78bccd64c9e41764ff0d3045402a67e5b2cabee4a9b11d896aebe
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhY0Fi:hDXWipuE+K3/SSHgxm0Q
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2