28ddf2ef2111dfb77df93fe3dba18e68a4f65b5ec40e345b0b75b5f879c065fd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24c09f386700f0a41cd2703cb0388181_JaffaCakes118
Size

64KB
Sample

240704-fxagfswekl
MD5

24c09f386700f0a41cd2703cb0388181
SHA1

07dcaa275947247b004ce2d051fd741dcb9ce0d5
SHA256

28ddf2ef2111dfb77df93fe3dba18e68a4f65b5ec40e345b0b75b5f879c065fd
SHA512

b3a608d8e8fd3e84485cd1c641bdba661185a35c1a7672356587783c80815dbf0257ccaa5231432d83e32a756decb4be325ab5b31e76de74600176a582dcd926
SSDEEP

768:4ivR95RwDKtqfNJSFzo/8Bt2Xiz7bYoh8T0Bz4rVqc1s7GPAyeGYbpae2o7CDu:4q95btqfNUiGt2G8IBW9TAynYb3gDu

Score

7^/10

Malware Config

Targets

- Target
  
  24c09f386700f0a41cd2703cb0388181_JaffaCakes118
- Size
  
  64KB
- MD5
  
  24c09f386700f0a41cd2703cb0388181
- SHA1
  
  07dcaa275947247b004ce2d051fd741dcb9ce0d5
- SHA256
  
  28ddf2ef2111dfb77df93fe3dba18e68a4f65b5ec40e345b0b75b5f879c065fd
- SHA512
  
  b3a608d8e8fd3e84485cd1c641bdba661185a35c1a7672356587783c80815dbf0257ccaa5231432d83e32a756decb4be325ab5b31e76de74600176a582dcd926
- SSDEEP
  
  768:4ivR95RwDKtqfNJSFzo/8Bt2Xiz7bYoh8T0Bz4rVqc1s7GPAyeGYbpae2o7CDu:4q95btqfNUiGt2G8IBW9TAynYb3gDu
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2