373623b19a0eb6f4a54003cec7c07ca3c79a763f748382f676c15ed69d6a322b | Triage

Sharing

General

Target

04619db5b57ad16e50c042fe16e90987_JaffaCakes118
Size

176KB
Sample

241001-e5383avdkg
MD5

04619db5b57ad16e50c042fe16e90987
SHA1

512e3461033c2f65d46d1967c44c4be3b5e90749
SHA256

373623b19a0eb6f4a54003cec7c07ca3c79a763f748382f676c15ed69d6a322b
SHA512

05b8c3229e2fdf7db0c3499f5ed298c0df69b45451d4f1730d055497d2a722c52a2829b432505ce0709fe39ff75aaf57629ff220d479a9de13d6d47884e6123b
SSDEEP

3072:z0MJPlP21lO0P6brMPgOR26T89Ln22LKeQOineJ824INL9sfsNkyout7:z5Bc1z6MIOz899Binee2R9F/oS7

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  04619db5b57ad16e50c042fe16e90987_JaffaCakes118
- Size
  
  176KB
- MD5
  
  04619db5b57ad16e50c042fe16e90987
- SHA1
  
  512e3461033c2f65d46d1967c44c4be3b5e90749
- SHA256
  
  373623b19a0eb6f4a54003cec7c07ca3c79a763f748382f676c15ed69d6a322b
- SHA512
  
  05b8c3229e2fdf7db0c3499f5ed298c0df69b45451d4f1730d055497d2a722c52a2829b432505ce0709fe39ff75aaf57629ff220d479a9de13d6d47884e6123b
- SSDEEP
  
  3072:z0MJPlP21lO0P6brMPgOR26T89Ln22LKeQOineJ824INL9sfsNkyout7:z5Bc1z6MIOz899Binee2R9F/oS7
Score

8^/10

discovery
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2