1f2ede71d446f4eebdf833d8ed997eb18698498f7d5e29cbda71f178f7f237f0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

044e3933113eeddbbdff9b3534d51b05_JaffaCakes118
Size

163KB
Sample

241001-en5qkazcjl
MD5

044e3933113eeddbbdff9b3534d51b05
SHA1

1bb7597ac6de6997c2281ab8f225ebd0032136e9
SHA256

1f2ede71d446f4eebdf833d8ed997eb18698498f7d5e29cbda71f178f7f237f0
SHA512

839650a807ad484fd573bd1c67ce25e3483ffbd40d97f0fe42dc1c0925d9cfdb96ba74ecadc08e1c75813a8d338e4a76f9b5861fb80ff3db55a3d86ca1234d76
SSDEEP

3072:r4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4a:UiI/PlY37ZLF4Ca6WABqBOvsa

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  044e3933113eeddbbdff9b3534d51b05_JaffaCakes118
- Size
  
  163KB
- MD5
  
  044e3933113eeddbbdff9b3534d51b05
- SHA1
  
  1bb7597ac6de6997c2281ab8f225ebd0032136e9
- SHA256
  
  1f2ede71d446f4eebdf833d8ed997eb18698498f7d5e29cbda71f178f7f237f0
- SHA512
  
  839650a807ad484fd573bd1c67ce25e3483ffbd40d97f0fe42dc1c0925d9cfdb96ba74ecadc08e1c75813a8d338e4a76f9b5861fb80ff3db55a3d86ca1234d76
- SSDEEP
  
  3072:r4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4a:UiI/PlY37ZLF4Ca6WABqBOvsa
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2