21447a87d8192a2c0ca56bc50da4d256b3e17000e6436ce96b202f1306219b7e | Triage

Sharing

General

Target

68570f45a3a5301bf422fd915bc410bc_JaffaCakes118
Size

621KB
Sample

240522-x29ksade69
MD5

68570f45a3a5301bf422fd915bc410bc
SHA1

dd9a94be94bd9ae2e63e1fdb615f93fb77fe75ca
SHA256

21447a87d8192a2c0ca56bc50da4d256b3e17000e6436ce96b202f1306219b7e
SHA512

b1e533656891176bd73a90633c667a1d76dc7bc5e2f207ed01c414c470622b7a6ae51486ab236f68364c66c3f137c785b3e3009072ebc414264527fa268089da
SSDEEP

12288:rSGzBeMotypYg/9Qtxv5S6mgkJDPqH1ppspY9xJqCqL5N:tBeMtYgytxvk691jJxJqL5N

Score

7^/10

Malware Config

Targets

- Target
  
  68570f45a3a5301bf422fd915bc410bc_JaffaCakes118
- Size
  
  621KB
- MD5
  
  68570f45a3a5301bf422fd915bc410bc
- SHA1
  
  dd9a94be94bd9ae2e63e1fdb615f93fb77fe75ca
- SHA256
  
  21447a87d8192a2c0ca56bc50da4d256b3e17000e6436ce96b202f1306219b7e
- SHA512
  
  b1e533656891176bd73a90633c667a1d76dc7bc5e2f207ed01c414c470622b7a6ae51486ab236f68364c66c3f137c785b3e3009072ebc414264527fa268089da
- SSDEEP
  
  12288:rSGzBeMotypYg/9Qtxv5S6mgkJDPqH1ppspY9xJqCqL5N:tBeMtYgytxvk691jJxJqL5N
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2