General

  • Target

    JaffaCakes118_43760f64ec1ad014a22d28858acb237b

  • Size

    1.8MB

  • Sample

    250127-zdjqkavkby

  • MD5

    43760f64ec1ad014a22d28858acb237b

  • SHA1

    d11d52da84b19a6bce3d1c355d8729511fa6d260

  • SHA256

    0e6ec50d353b5c1c713fa51dfc2d24c7bf7e2975edde8fa5d671ef2a4529d458

  • SHA512

    bdad4176fd95085eeda4a81e4f78e060df6673d3fb448d39f07e7eac883ceec27697100f1ae01246a640f84aa3596c27da486c54c113af82722677f834b11cab

  • SSDEEP

    49152:uwVbfQNvZdZjdlLfxVfx8no+lmL8aWbmYfcLSY0:DVbaddfaVTELSf

Score
7/10

Malware Config

Targets

    • Target

      JaffaCakes118_43760f64ec1ad014a22d28858acb237b

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution (the sample can refuse to run in certain locales).

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.
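The two checks a practitioner usually wants before trusting a report like this are that the file in hand is the same sample (the SHA256 above, not just the MD5, should match) and an independent look at the "UPX packed" verdict. The following Python is an added example, not Triage's own detection logic: it recomputes MD5/SHA1/SHA256 over a byte string, parses the PE section table by hand, and flags the UPX0/UPX1/UPX2 section names or the "UPX!" marker that stock UPX leaves behind. Renamed sections defeat this heuristic, which is exactly why the signature text says "modified UPX". The `build_fake_pe` helper constructs a minimal, non-executable PE image so the block runs offline; no real sample is embedded.

```python
"""Verify a sample against the hashes in a sandbox report and apply a
simple UPX-packing heuristic. Added example; not part of the report."""
import hashlib
import struct

# Hashes copied from the report above for JaffaCakes118_43760f64ec1ad014a22d28858acb237b.
REPORT_HASHES = {
    "md5": "43760f64ec1ad014a22d28858acb237b",
    "sha1": "d11d52da84b19a6bce3d1c355d8729511fa6d260",
    "sha256": "0e6ec50d353b5c1c713fa51dfc2d24c7bf7e2975edde8fa5d671ef2a4529d458",
}

# Section names stock UPX emits; a modified UPX build can rename these (assumption: heuristic only).
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}


def file_hashes(data: bytes) -> dict:
    """MD5, SHA1 and SHA256 hex digests of the given bytes."""
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1", "sha256")}


def matches_report(data: bytes, expected: dict = REPORT_HASHES) -> bool:
    """True only if every hash in the report matches; MD5 alone is not enough."""
    actual = file_hashes(data)
    return all(actual[algo] == digest for algo, digest in expected.items())


def pe_section_names(data: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table and return section names."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4
    if len(data) < coff + 20:
        return []
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_header_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_header_size  # section headers follow the optional header
    names = []
    for i in range(num_sections):
        raw = data[table + i * 40: table + i * 40 + 8]  # each section header is 40 bytes, name first
        if len(raw) < 8:
            break
        names.append(raw.rstrip(b"\0").decode("latin-1"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Heuristic: UPX section names present, or the 'UPX!' marker stock UPX writes into the image."""
    return bool(set(pe_section_names(data)) & UPX_SECTION_NAMES) or b"UPX!" in data


def build_fake_pe(section_names) -> bytes:
    """Constructed test fixture: a minimal PE32 image with the given section names (not runnable)."""
    e_lfanew = 0x40
    dos_header = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt_header_size = 0xE0  # PE32 optional header; its contents are irrelevant to section parsing
    coff_header = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_header_size, 0x102)
    optional_header = b"\0" * opt_header_size
    sections = b"".join(name.encode("ascii").ljust(8, b"\0") + b"\0" * 32 for name in section_names)
    return dos_header + b"PE\0\0" + coff_header + optional_header + sections


if __name__ == "__main__":
    sample = build_fake_pe(["UPX0", "UPX1", ".rsrc"])
    print("sections:", pe_section_names(sample))
    print("upx heuristic:", looks_upx_packed(sample))
    print("matches report:", matches_report(sample))
```

To use it on a real file, read the bytes with `open(path, "rb").read()` and call `matches_report` before anything else; a mismatch means the report describes a different file. A positive `looks_upx_packed` result is a lead, not proof: unpack with `upx -d` on a copy and re-hash, and treat a failure to unpack together with UPX-like sections as a sign of a modified packer.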

MITRE ATT&CK Enterprise v15