fb7053ed31aeb272d7e490d0c1007e9e45acf0c77afc369de8cbca3414c990cf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0779539bc984db58628de6e4b64d2461_JaffaCakes118
Size

72KB
Sample

241001-z8r1esvdld
MD5

0779539bc984db58628de6e4b64d2461
SHA1

903a8a236e5c86f66127a904f76a615f07d64b79
SHA256

fb7053ed31aeb272d7e490d0c1007e9e45acf0c77afc369de8cbca3414c990cf
SHA512

9ee3f4f9fb2560caade942cbe209fa34354107c07e7bfb3150a5b9fa0e6e69cab59a2e062058c845b3ed87c5693ee2832ad518da764735d33557420569753fcb
SSDEEP

768:9v91iSjKkOCfJb4kHrgrTi6yBJJyNKJCviXDyiwSuo6zCNKVYcDX:NXbirEJycA8Dy9Suo6zCnWX

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0779539bc984db58628de6e4b64d2461_JaffaCakes118
- Size
  
  72KB
- MD5
  
  0779539bc984db58628de6e4b64d2461
- SHA1
  
  903a8a236e5c86f66127a904f76a615f07d64b79
- SHA256
  
  fb7053ed31aeb272d7e490d0c1007e9e45acf0c77afc369de8cbca3414c990cf
- SHA512
  
  9ee3f4f9fb2560caade942cbe209fa34354107c07e7bfb3150a5b9fa0e6e69cab59a2e062058c845b3ed87c5693ee2832ad518da764735d33557420569753fcb
- SSDEEP
  
  768:9v91iSjKkOCfJb4kHrgrTi6yBJJyNKJCviXDyiwSuo6zCNKVYcDX:NXbirEJycA8Dy9Suo6zCnWX
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2