bb107807b66918ed92690a1c2d30c1510564ca6e220dfc12571fe73496334e55 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04cf27ee6a8d52d98377274f3e6c628d_JaffaCakes118
Size

163KB
Sample

241001-hznsza1bqb
MD5

04cf27ee6a8d52d98377274f3e6c628d
SHA1

6121eae81faf998dce774baa249c955d580adcff
SHA256

bb107807b66918ed92690a1c2d30c1510564ca6e220dfc12571fe73496334e55
SHA512

5db4b028daf68c79d3dab810095914e9cdc6e3036d0dc20a4ec9cb8e02ecfa35430981a46c620eae7c0dc98e02bafe9b6c12fb1cebef84b76fa499a85387cda1
SSDEEP

3072:Z4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4O:yiI/PlY37ZLF4Ca6WABqBOvsO

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  04cf27ee6a8d52d98377274f3e6c628d_JaffaCakes118
- Size
  
  163KB
- MD5
  
  04cf27ee6a8d52d98377274f3e6c628d
- SHA1
  
  6121eae81faf998dce774baa249c955d580adcff
- SHA256
  
  bb107807b66918ed92690a1c2d30c1510564ca6e220dfc12571fe73496334e55
- SHA512
  
  5db4b028daf68c79d3dab810095914e9cdc6e3036d0dc20a4ec9cb8e02ecfa35430981a46c620eae7c0dc98e02bafe9b6c12fb1cebef84b76fa499a85387cda1
- SSDEEP
  
  3072:Z4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4O:yiI/PlY37ZLF4Ca6WABqBOvsO
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2