06a92f75e72da3efb9bdde608d837ec3eb51ad745a9086f8f7fefebabd695998 | Triage

Sharing

General

Target

853bf9e5c20337de17b36f38ae89cd7a_JaffaCakes118
Size

639KB
Sample

240530-28xl1sef43
MD5

853bf9e5c20337de17b36f38ae89cd7a
SHA1

d33c79a235cadfe194dac01066afc300572c06f0
SHA256

06a92f75e72da3efb9bdde608d837ec3eb51ad745a9086f8f7fefebabd695998
SHA512

2c3cbee7cc69a450845fe5a5f20ba9e8cfbc916c57e4161bd39d8d7e74a2a5670f21f91b5f737d91e8284783b133677fc7e03d1e2fbdd481dacd88ac7addc380
SSDEEP

12288:7w4ub21OBjYGRaJQagcBIzZn3OEXlI/4okHd3hLH9tf0RVaR:ULb2lGRFdp3+kHdldtmVaR

Score

7^/10

Malware Config

Targets

- Target
  
  853bf9e5c20337de17b36f38ae89cd7a_JaffaCakes118
- Size
  
  639KB
- MD5
  
  853bf9e5c20337de17b36f38ae89cd7a
- SHA1
  
  d33c79a235cadfe194dac01066afc300572c06f0
- SHA256
  
  06a92f75e72da3efb9bdde608d837ec3eb51ad745a9086f8f7fefebabd695998
- SHA512
  
  2c3cbee7cc69a450845fe5a5f20ba9e8cfbc916c57e4161bd39d8d7e74a2a5670f21f91b5f737d91e8284783b133677fc7e03d1e2fbdd481dacd88ac7addc380
- SSDEEP
  
  12288:7w4ub21OBjYGRaJQagcBIzZn3OEXlI/4okHd3hLH9tf0RVaR:ULb2lGRFdp3+kHdldtmVaR
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2