055672f66d83a490553372c038cd491227767d728cca4faf4a67ff9c63d42b87 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

487f7facd8394984778413371d3a1425_JaffaCakes118
Size

164KB
Sample

240515-27thzaha5v
MD5

487f7facd8394984778413371d3a1425
SHA1

1c46d17babbf2704e182687b34a2662553444cba
SHA256

055672f66d83a490553372c038cd491227767d728cca4faf4a67ff9c63d42b87
SHA512

2b4e0178ff7d4455b67791652af8f48db01b7c51873e807d8a064f0d53f68fe884ca16c11b0f12be6858c9317128465bc67a302b7e95eeb2c4a5ea0cd042eaf0
SSDEEP

3072:o0erJVUZdoQ+Qaf4Lx5o8TD0kQIbEHYcOzIk8UFsQvgff3lKviI5Tb7:peMnoQ+K5o8MME4cO8k3sQIfZI5f

Score

7^/10

Malware Config

Targets

- Target
  
  487f7facd8394984778413371d3a1425_JaffaCakes118
- Size
  
  164KB
- MD5
  
  487f7facd8394984778413371d3a1425
- SHA1
  
  1c46d17babbf2704e182687b34a2662553444cba
- SHA256
  
  055672f66d83a490553372c038cd491227767d728cca4faf4a67ff9c63d42b87
- SHA512
  
  2b4e0178ff7d4455b67791652af8f48db01b7c51873e807d8a064f0d53f68fe884ca16c11b0f12be6858c9317128465bc67a302b7e95eeb2c4a5ea0cd042eaf0
- SSDEEP
  
  3072:o0erJVUZdoQ+Qaf4Lx5o8TD0kQIbEHYcOzIk8UFsQvgff3lKviI5Tb7:peMnoQ+K5o8MME4cO8k3sQIfZI5f
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2