88ea3d946d2cec953ccf7927150bd44d62c8361ee6860609ba45971cc3bb72da | Triage

Sharing

General

Target

071dc992d8f4e32c6d7a8ac71886f96e_JaffaCakes118
Size

165KB
Sample

241001-x8enzswhnl
MD5

071dc992d8f4e32c6d7a8ac71886f96e
SHA1

14683fd0f7e8f60384727f5f18fa08f8815ba2de
SHA256

88ea3d946d2cec953ccf7927150bd44d62c8361ee6860609ba45971cc3bb72da
SHA512

6af9cb38ac3caca755be807b2e39e472084e30472a44b7ee22089aba62de6a872e68e386c564969f2ec25bee0eef50330ff5bafc3b1b0571ccb3262c99402e4f
SSDEEP

3072:g4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:/iI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  071dc992d8f4e32c6d7a8ac71886f96e_JaffaCakes118
- Size
  
  165KB
- MD5
  
  071dc992d8f4e32c6d7a8ac71886f96e
- SHA1
  
  14683fd0f7e8f60384727f5f18fa08f8815ba2de
- SHA256
  
  88ea3d946d2cec953ccf7927150bd44d62c8361ee6860609ba45971cc3bb72da
- SHA512
  
  6af9cb38ac3caca755be807b2e39e472084e30472a44b7ee22089aba62de6a872e68e386c564969f2ec25bee0eef50330ff5bafc3b1b0571ccb3262c99402e4f
- SSDEEP
  
  3072:g4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:/iI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2