5e59297e43e05864d49a4aef0ed2fcb3c6d168336273888e2b80f0baf5cb2b70 | Triage

Sharing

General

Target

08382f79293824cf59fd0247e271e541_JaffaCakes118
Size

162KB
Sample

241002-bn7clszdnq
MD5

08382f79293824cf59fd0247e271e541
SHA1

0db820cc7e23d61bdd1552d5d4e5051e6ca15966
SHA256

5e59297e43e05864d49a4aef0ed2fcb3c6d168336273888e2b80f0baf5cb2b70
SHA512

36ce3aa6450174fbc84be66ed2cb078582962fe879203db1a00db0a759468adecf7d9407bee453f3a2e9f34258d0103194e3c57d7a4ed590eb595675405216fe
SSDEEP

3072:GiSVipBoNdGhm5P+0he9xagDexm6UJdme3HgrLpbPJG5h53:xiilhmIQODDHBJdmOHIFs53

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  08382f79293824cf59fd0247e271e541_JaffaCakes118
- Size
  
  162KB
- MD5
  
  08382f79293824cf59fd0247e271e541
- SHA1
  
  0db820cc7e23d61bdd1552d5d4e5051e6ca15966
- SHA256
  
  5e59297e43e05864d49a4aef0ed2fcb3c6d168336273888e2b80f0baf5cb2b70
- SHA512
  
  36ce3aa6450174fbc84be66ed2cb078582962fe879203db1a00db0a759468adecf7d9407bee453f3a2e9f34258d0103194e3c57d7a4ed590eb595675405216fe
- SSDEEP
  
  3072:GiSVipBoNdGhm5P+0he9xagDexm6UJdme3HgrLpbPJG5h53:xiilhmIQODDHBJdmOHIFs53
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2