faa64f48818954189a4912a13aa2fcef90255ebe35c1738de11a7fb4364ff47d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0691fbc1b6ad40711b3a0b9e4bc8c5cd_JaffaCakes118
Size

165KB
Sample

241001-t65kvatcpc
MD5

0691fbc1b6ad40711b3a0b9e4bc8c5cd
SHA1

85fb2d32e2eb390915ab811eaa716fbee9cd63ae
SHA256

faa64f48818954189a4912a13aa2fcef90255ebe35c1738de11a7fb4364ff47d
SHA512

b1768482f2c39603d7265b8a4847e3d6cb5e72fa7cfa70225c5f5e03f55806474d0675f3349008431a4a4ae0226cbadb36c4f61488890076b8af32350163eb2e
SSDEEP

3072:m4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:FiI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0691fbc1b6ad40711b3a0b9e4bc8c5cd_JaffaCakes118
- Size
  
  165KB
- MD5
  
  0691fbc1b6ad40711b3a0b9e4bc8c5cd
- SHA1
  
  85fb2d32e2eb390915ab811eaa716fbee9cd63ae
- SHA256
  
  faa64f48818954189a4912a13aa2fcef90255ebe35c1738de11a7fb4364ff47d
- SHA512
  
  b1768482f2c39603d7265b8a4847e3d6cb5e72fa7cfa70225c5f5e03f55806474d0675f3349008431a4a4ae0226cbadb36c4f61488890076b8af32350163eb2e
- SSDEEP
  
  3072:m4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:FiI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2