4df46a3411cbbdb0e36d99090eb10090b8003dff5d7e4abd787f3b80fe6bf777 | Triage

Sharing

General

Target

ee2f1643a07234524d3b3aa335544396_JaffaCakes118
Size

54KB
Sample

240920-w4fj2s1bnh
MD5

ee2f1643a07234524d3b3aa335544396
SHA1

f089ba3c16c692fe2cb9b33e7ba2861a99f14a56
SHA256

4df46a3411cbbdb0e36d99090eb10090b8003dff5d7e4abd787f3b80fe6bf777
SHA512

5466e8d0107bff592a33b14e20a8d13ad243a5d56eda770797300075302a06bc67d4365e21202a97e5b3105bd25fb44ba2fc1ecd9792efbb90000c5327252b3f
SSDEEP

768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/1wMNi54vx/E12L:V3cpyORJLuB4P4AJJv4Romu/C54v9EkL

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  ee2f1643a07234524d3b3aa335544396_JaffaCakes118
- Size
  
  54KB
- MD5
  
  ee2f1643a07234524d3b3aa335544396
- SHA1
  
  f089ba3c16c692fe2cb9b33e7ba2861a99f14a56
- SHA256
  
  4df46a3411cbbdb0e36d99090eb10090b8003dff5d7e4abd787f3b80fe6bf777
- SHA512
  
  5466e8d0107bff592a33b14e20a8d13ad243a5d56eda770797300075302a06bc67d4365e21202a97e5b3105bd25fb44ba2fc1ecd9792efbb90000c5327252b3f
- SSDEEP
  
  768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/1wMNi54vx/E12L:V3cpyORJLuB4P4AJJv4Romu/C54v9EkL
Score

10^/10

discovery evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion