a87f5b3e19ad0c2808b38c388be6c57b624a163061ceff90fd92c439290e9c7f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

010316925ba17cd1a7f1ad04bc0b563f_JaffaCakes118
Size

165KB
Sample

240930-m98ncawfkf
MD5

010316925ba17cd1a7f1ad04bc0b563f
SHA1

12c52b6b035b4d4a920366348a83ab088b5b5abf
SHA256

a87f5b3e19ad0c2808b38c388be6c57b624a163061ceff90fd92c439290e9c7f
SHA512

1785ada5d7a9d598d87bc1e4b9c29e4899b521ff8e1856f105e6f5df81ebad72f9f2085fc922895ff7aca0dcb39e9cb783c67a6cfd2eb04b1a1560a0c051ef93
SSDEEP

3072:E4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:riI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  010316925ba17cd1a7f1ad04bc0b563f_JaffaCakes118
- Size
  
  165KB
- MD5
  
  010316925ba17cd1a7f1ad04bc0b563f
- SHA1
  
  12c52b6b035b4d4a920366348a83ab088b5b5abf
- SHA256
  
  a87f5b3e19ad0c2808b38c388be6c57b624a163061ceff90fd92c439290e9c7f
- SHA512
  
  1785ada5d7a9d598d87bc1e4b9c29e4899b521ff8e1856f105e6f5df81ebad72f9f2085fc922895ff7aca0dcb39e9cb783c67a6cfd2eb04b1a1560a0c051ef93
- SSDEEP
  
  3072:E4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:riI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2