b7c16a5372ab2f3346fc77813205502a770a19bbe95e0f0753224f1b20193ea7 | Triage

Sharing

General

Target

f51bf8a40b96c06dc1a612cff7be72f6_JaffaCakes118
Size

774KB
Sample

240417-fxfngaee34
MD5

f51bf8a40b96c06dc1a612cff7be72f6
SHA1

5c046383e81f27bb4c4a0bd8652588f55b0884e0
SHA256

b7c16a5372ab2f3346fc77813205502a770a19bbe95e0f0753224f1b20193ea7
SHA512

18217e65517683d882ba2ecf3842bdeeb1e7a8a91864a3a5f0769ae6dca0f6fcced8c860f44948a6f8ebcde0a370fcf71674e1a720ecc35a4cf079440022e158
SSDEEP

24576:A20gPgFK44AGJAyDkziGgEf3TuJSQxAVBbIcXo:xK5bvR93T4xAjIE

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  f51bf8a40b96c06dc1a612cff7be72f6_JaffaCakes118
- Size
  
  774KB
- MD5
  
  f51bf8a40b96c06dc1a612cff7be72f6
- SHA1
  
  5c046383e81f27bb4c4a0bd8652588f55b0884e0
- SHA256
  
  b7c16a5372ab2f3346fc77813205502a770a19bbe95e0f0753224f1b20193ea7
- SHA512
  
  18217e65517683d882ba2ecf3842bdeeb1e7a8a91864a3a5f0769ae6dca0f6fcced8c860f44948a6f8ebcde0a370fcf71674e1a720ecc35a4cf079440022e158
- SSDEEP
  
  24576:A20gPgFK44AGJAyDkziGgEf3TuJSQxAVBbIcXo:xK5bvR93T4xAjIE
Score

8^/10

evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2