d6b50e7890c1f365c72759929fad9ca3ac86311bb1cdb250d4214995bfe5698b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

009087635cc3fe0f286fd22297291d83_JaffaCakes118
Size

165KB
Sample

240930-k85tys1hqh
MD5

009087635cc3fe0f286fd22297291d83
SHA1

e6557c0434b512ad34cb539f944b614e7061677e
SHA256

d6b50e7890c1f365c72759929fad9ca3ac86311bb1cdb250d4214995bfe5698b
SHA512

4b0eee875c27ec8a716be3c98b15c0f16d7151ac7f7b3a54d79632f598868358d46db84537a88eddec9baf0960013500ffabc7a25057cd77a40e23ebbf58c6c1
SSDEEP

3072:n4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:4iI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  009087635cc3fe0f286fd22297291d83_JaffaCakes118
- Size
  
  165KB
- MD5
  
  009087635cc3fe0f286fd22297291d83
- SHA1
  
  e6557c0434b512ad34cb539f944b614e7061677e
- SHA256
  
  d6b50e7890c1f365c72759929fad9ca3ac86311bb1cdb250d4214995bfe5698b
- SHA512
  
  4b0eee875c27ec8a716be3c98b15c0f16d7151ac7f7b3a54d79632f598868358d46db84537a88eddec9baf0960013500ffabc7a25057cd77a40e23ebbf58c6c1
- SSDEEP
  
  3072:n4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:4iI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2