089944e9581fce45cacfd82a354aa003a3582f0d6c9563d2e103ee418bf65f40 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2cb63e33e839f6199f61e4c256a0357a_JaffaCakes118
Size

55KB
Sample

240708-rxr72stdjp
MD5

2cb63e33e839f6199f61e4c256a0357a
SHA1

950286c6f550fabb83b2244c9066653c9a970f91
SHA256

089944e9581fce45cacfd82a354aa003a3582f0d6c9563d2e103ee418bf65f40
SHA512

d4cfb46159dc72b52a2cc0181123d1638518dcfdeba3fddca040f3b93ea4461dbb659adf60808a8ecb5da07572de666497a38a167330104ce82705d35dfdb957
SSDEEP

768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/Le2I1l7da9lDvg:V3cpyORJLuB4P4AJJv4Romu/XIrdUa

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  2cb63e33e839f6199f61e4c256a0357a_JaffaCakes118
- Size
  
  55KB
- MD5
  
  2cb63e33e839f6199f61e4c256a0357a
- SHA1
  
  950286c6f550fabb83b2244c9066653c9a970f91
- SHA256
  
  089944e9581fce45cacfd82a354aa003a3582f0d6c9563d2e103ee418bf65f40
- SHA512
  
  d4cfb46159dc72b52a2cc0181123d1638518dcfdeba3fddca040f3b93ea4461dbb659adf60808a8ecb5da07572de666497a38a167330104ce82705d35dfdb957
- SSDEEP
  
  768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/Le2I1l7da9lDvg:V3cpyORJLuB4P4AJJv4Romu/XIrdUa
Score

10^/10

evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2