d6b5123601241e2688295dc37320be94f2532af392a792480cd809fa8699dc1a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b1f11c44154a67f692c1d365ce3e840c_JaffaCakes118
Size

18.5MB
Sample

240616-f91t6s1fpg
MD5

b1f11c44154a67f692c1d365ce3e840c
SHA1

b170adb2ee92c22c0c813e886a5b85955d507efc
SHA256

d6b5123601241e2688295dc37320be94f2532af392a792480cd809fa8699dc1a
SHA512

53539e68d47a4816a82d5a056584581e5c2818f5061a700faa2148baccd5adc38cf8b8920154b1c655b437e8560dc9dd2a5e0555ad02cfc5ba6f8c27ae2e4414
SSDEEP

393216:Lqrb3+y8f4sOF3Dv3VFkJp2GMJtrIkd6hTLPzpnfuivlvz+fo4/:LgT+ypsOJDvlFFtrIMQTbzpnfuqqfL

Score

5^/10

Malware Config

Targets

- Target
  
  b1f11c44154a67f692c1d365ce3e840c_JaffaCakes118
- Size
  
  18.5MB
- MD5
  
  b1f11c44154a67f692c1d365ce3e840c
- SHA1
  
  b170adb2ee92c22c0c813e886a5b85955d507efc
- SHA256
  
  d6b5123601241e2688295dc37320be94f2532af392a792480cd809fa8699dc1a
- SHA512
  
  53539e68d47a4816a82d5a056584581e5c2818f5061a700faa2148baccd5adc38cf8b8920154b1c655b437e8560dc9dd2a5e0555ad02cfc5ba6f8c27ae2e4414
- SSDEEP
  
  393216:Lqrb3+y8f4sOF3Dv3VFkJp2GMJtrIkd6hTLPzpnfuivlvz+fo4/:LgT+ypsOJDvlFFtrIMQTbzpnfuqqfL
Score

5^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2