5aebdd15d9d937c587c1445199c1119cb4cc9ba75209156d223cba83daabb6d1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea3cb873084d15bb616da461122cf5a8_JaffaCakes118
Size

388KB
Sample

240919-aktfxa1anb
MD5

ea3cb873084d15bb616da461122cf5a8
SHA1

655504b1aa501b9cef757578d887826c88dc18e9
SHA256

5aebdd15d9d937c587c1445199c1119cb4cc9ba75209156d223cba83daabb6d1
SHA512

ddb997d46d0cd8c93da2bab0e0b4c52f090ab5885bcc6e3a5902d82ce6239bf0878e5c4888e81e4d8d6e5f35952ac6f07952a0d39b682adf6e06f3c9c7128f41
SSDEEP

6144:xQq7zwkx+Gj2ldlTusrV9BWW7UmUZV/v6yTwVABUIwqgIt2ccJ5iYB735dMjSw6:70kfj2ldksVWWKcVoUBiQrAYBTDGb6

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ea3cb873084d15bb616da461122cf5a8_JaffaCakes118
- Size
  
  388KB
- MD5
  
  ea3cb873084d15bb616da461122cf5a8
- SHA1
  
  655504b1aa501b9cef757578d887826c88dc18e9
- SHA256
  
  5aebdd15d9d937c587c1445199c1119cb4cc9ba75209156d223cba83daabb6d1
- SHA512
  
  ddb997d46d0cd8c93da2bab0e0b4c52f090ab5885bcc6e3a5902d82ce6239bf0878e5c4888e81e4d8d6e5f35952ac6f07952a0d39b682adf6e06f3c9c7128f41
- SSDEEP
  
  6144:xQq7zwkx+Gj2ldlTusrV9BWW7UmUZV/v6yTwVABUIwqgIt2ccJ5iYB735dMjSw6:70kfj2ldksVWWKcVoUBiQrAYBTDGb6
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $TEMPLATES/setup.txt
- Size
  
  346KB
- MD5
  
  9bfc832c8c59dfe4f4261f7e177b54d7
- SHA1
  
  1a603ef2a05a6724f3c2f8b16de07d39cdce4f47
- SHA256
  
  7532eae9519867095ae723d4325e577ca9921543cca20238b2466d7666aac3f7
- SHA512
  
  b7515d5fc80e1757f8456507066e7337b45fe908764340b59c6f299eae0186083df87d11d19858e3ee66fc3cdd237021a290d4a8a2ca6ed9fc2c9c3d7b027fda
- SSDEEP
  
  6144:ye343iYvlhNC7JuyKAs8LG9R3HNe76JvML/9c7Cr7Ob+FlbAk:A/+YyXSvi2v2ICvOb+Fuk
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6