f629eb910f4e8c6a965a72b424ac8811f181e274ac3e91281723a551f87ae4c3 | Triage

Sharing

General

Target

04c76998adf0839b11c5d929e6b374a6_JaffaCakes118
Size

165KB
Sample

241001-hr8heawfrr
MD5

04c76998adf0839b11c5d929e6b374a6
SHA1

135b50403086b3a232a2b69908e387694e869930
SHA256

f629eb910f4e8c6a965a72b424ac8811f181e274ac3e91281723a551f87ae4c3
SHA512

29089a147104e55fadf7d1b4ee52e81bd5ab15732a3f327c875df9dc72c1fc29847e2a46c0f70b542cbe48c1b0f08dbfb5a65be121a5a60e66b0f8d5ca583e92
SSDEEP

3072:a4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:hiI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  04c76998adf0839b11c5d929e6b374a6_JaffaCakes118
- Size
  
  165KB
- MD5
  
  04c76998adf0839b11c5d929e6b374a6
- SHA1
  
  135b50403086b3a232a2b69908e387694e869930
- SHA256
  
  f629eb910f4e8c6a965a72b424ac8811f181e274ac3e91281723a551f87ae4c3
- SHA512
  
  29089a147104e55fadf7d1b4ee52e81bd5ab15732a3f327c875df9dc72c1fc29847e2a46c0f70b542cbe48c1b0f08dbfb5a65be121a5a60e66b0f8d5ca583e92
- SSDEEP
  
  3072:a4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:hiI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2