d478952a753b2e5f7acbf17b5c823e78bfb2b70506bd7d8cc239502f1fc1405d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

002651f835b1675cd5df6c7a77ffa637_JaffaCakes118
Size

165KB
Sample

240930-h8abyaxclf
MD5

002651f835b1675cd5df6c7a77ffa637
SHA1

899710d611a83d6fa1351e22525db35a8a2df418
SHA256

d478952a753b2e5f7acbf17b5c823e78bfb2b70506bd7d8cc239502f1fc1405d
SHA512

b84154c55931465fbbcb2d188b754f79cba7c4a94707ec771918c0373c448dee63e99dfbb1e1d792fe47446a02de72b50b118bd87cdcd4fee47dd10373d0c52a
SSDEEP

3072:x4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:6iI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  002651f835b1675cd5df6c7a77ffa637_JaffaCakes118
- Size
  
  165KB
- MD5
  
  002651f835b1675cd5df6c7a77ffa637
- SHA1
  
  899710d611a83d6fa1351e22525db35a8a2df418
- SHA256
  
  d478952a753b2e5f7acbf17b5c823e78bfb2b70506bd7d8cc239502f1fc1405d
- SHA512
  
  b84154c55931465fbbcb2d188b754f79cba7c4a94707ec771918c0373c448dee63e99dfbb1e1d792fe47446a02de72b50b118bd87cdcd4fee47dd10373d0c52a
- SSDEEP
  
  3072:x4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:6iI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2