380f1fcee9144f4a70339c816f29f4bb9a01d54791a4cb1dc436682c6b3460c6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04a1af7c8e04322450814777990d90ae_JaffaCakes118
Size

164KB
Sample

241001-gvettsthpm
MD5

04a1af7c8e04322450814777990d90ae
SHA1

7004d276138e5be8eecddadc62b016d72c2a4f6f
SHA256

380f1fcee9144f4a70339c816f29f4bb9a01d54791a4cb1dc436682c6b3460c6
SHA512

a2f2f916c27695e2c8727f1328270ce4b0c3908fc80dc26faa39d808814d28a1a831a9eb1e11dca4b8d718440aef895d5f5413ccaf0cd740d97aeae42c0dfc7b
SSDEEP

3072:AimnuVXjzu3vsLrP5voun/VqIoKJfma7tYEoFMhY:6ulu3vsPfdqIoK0a7BK

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  04a1af7c8e04322450814777990d90ae_JaffaCakes118
- Size
  
  164KB
- MD5
  
  04a1af7c8e04322450814777990d90ae
- SHA1
  
  7004d276138e5be8eecddadc62b016d72c2a4f6f
- SHA256
  
  380f1fcee9144f4a70339c816f29f4bb9a01d54791a4cb1dc436682c6b3460c6
- SHA512
  
  a2f2f916c27695e2c8727f1328270ce4b0c3908fc80dc26faa39d808814d28a1a831a9eb1e11dca4b8d718440aef895d5f5413ccaf0cd740d97aeae42c0dfc7b
- SSDEEP
  
  3072:AimnuVXjzu3vsLrP5voun/VqIoKJfma7tYEoFMhY:6ulu3vsPfdqIoK0a7BK
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2