e2dce8386ff352016eb65769f750629d0deb1b452366fe7abf090c2cdcde1f12 | Triage

Sharing

General

Target

05c2104d04dcf1023ab47b71fafae13f_JaffaCakes118
Size

163KB
Sample

241001-paex4aycpm
MD5

05c2104d04dcf1023ab47b71fafae13f
SHA1

678bc5db4c6c0473b42f3abc6a5d04eb23c36079
SHA256

e2dce8386ff352016eb65769f750629d0deb1b452366fe7abf090c2cdcde1f12
SHA512

357dc79e1f594c8fa5ea4cd1eef1f375c6441a8e4681905ae0f68effde06183b38d0f9eb8a26dda34aa7dad3002006e93beb2843e5aa7cac62cca899b8c856dc
SSDEEP

3072:g4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4u:/iI/PlY37ZLF4Ca6WABqBOvsu

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  05c2104d04dcf1023ab47b71fafae13f_JaffaCakes118
- Size
  
  163KB
- MD5
  
  05c2104d04dcf1023ab47b71fafae13f
- SHA1
  
  678bc5db4c6c0473b42f3abc6a5d04eb23c36079
- SHA256
  
  e2dce8386ff352016eb65769f750629d0deb1b452366fe7abf090c2cdcde1f12
- SHA512
  
  357dc79e1f594c8fa5ea4cd1eef1f375c6441a8e4681905ae0f68effde06183b38d0f9eb8a26dda34aa7dad3002006e93beb2843e5aa7cac62cca899b8c856dc
- SSDEEP
  
  3072:g4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4u:/iI/PlY37ZLF4Ca6WABqBOvsu
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2