02e5155fea9f2c38927c2b634d0034cbb25bb3c1c9d2f8aa8f97bf0ceb03f628 | Triage

Sharing

General

Target

43c5baf7ad06d639f2dde69cd5466490_JaffaCakes118
Size

5.8MB
Sample

240515-arq95age39
MD5

43c5baf7ad06d639f2dde69cd5466490
SHA1

8b118600d6cfd32d2be63d4808543e1e7ce5fd6d
SHA256

02e5155fea9f2c38927c2b634d0034cbb25bb3c1c9d2f8aa8f97bf0ceb03f628
SHA512

54eff62e2c47a5eb821f30bc4b2c68c59ca374c5c6732432fd11448494f514cd2ee1eada5ca30e42b2d3f4f9f3bbcc07b186ded83c1defa4de2ae3d15b10cd6b
SSDEEP

98304:rG5Qgt2HGWp+qnIwHRMhAvr6TJjqmU9RXTo+O7sn3drKWCdi/Cebpe5NcvQv0ROL:rG54+qnvzTlmUnXhOvWCMKebpedOOj/

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  43c5baf7ad06d639f2dde69cd5466490_JaffaCakes118
- Size
  
  5.8MB
- MD5
  
  43c5baf7ad06d639f2dde69cd5466490
- SHA1
  
  8b118600d6cfd32d2be63d4808543e1e7ce5fd6d
- SHA256
  
  02e5155fea9f2c38927c2b634d0034cbb25bb3c1c9d2f8aa8f97bf0ceb03f628
- SHA512
  
  54eff62e2c47a5eb821f30bc4b2c68c59ca374c5c6732432fd11448494f514cd2ee1eada5ca30e42b2d3f4f9f3bbcc07b186ded83c1defa4de2ae3d15b10cd6b
- SSDEEP
  
  98304:rG5Qgt2HGWp+qnIwHRMhAvr6TJjqmU9RXTo+O7sn3drKWCdi/Cebpe5NcvQv0ROL:rG54+qnvzTlmUnXhOvWCMKebpedOOj/
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks for any installed AV software in registry
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

Software Discovery

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2