fb228c47d6df84e060dac5bf8cb58c99fea115239a1d3a5d46075bd0831a6584 | Triage

Sharing

General

Target

28cbbf435779bf989abe5e38a933fb77_JaffaCakes118
Size

55KB
Sample

240706-trfyyavaqq
MD5

28cbbf435779bf989abe5e38a933fb77
SHA1

014db90e2f2ebef439d2c556cabd8166d0b71aaa
SHA256

fb228c47d6df84e060dac5bf8cb58c99fea115239a1d3a5d46075bd0831a6584
SHA512

4efef63bdb1f2561d67047f42e326e8546693c756d71256d65a7a6b886533a3aee15222d894ae0e28fc71665cb3f97a4dfe73a6b475c095e0d87a2b61eeea543
SSDEEP

1536:V3cpyORJLuB4P4AJJv4Romu/xtKGR8QzG852ncgT:V3c1fP4AJJv45GfbG8kt

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  28cbbf435779bf989abe5e38a933fb77_JaffaCakes118
- Size
  
  55KB
- MD5
  
  28cbbf435779bf989abe5e38a933fb77
- SHA1
  
  014db90e2f2ebef439d2c556cabd8166d0b71aaa
- SHA256
  
  fb228c47d6df84e060dac5bf8cb58c99fea115239a1d3a5d46075bd0831a6584
- SHA512
  
  4efef63bdb1f2561d67047f42e326e8546693c756d71256d65a7a6b886533a3aee15222d894ae0e28fc71665cb3f97a4dfe73a6b475c095e0d87a2b61eeea543
- SSDEEP
  
  1536:V3cpyORJLuB4P4AJJv4Romu/xtKGR8QzG852ncgT:V3c1fP4AJJv45GfbG8kt
Score

10^/10

evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2