2719b2d69c12f61961cbacdb5241d37f182b61bd0783c22e70cabfd950695d24 | Triage

Sharing

General

Target

0839624ac2a76928e3642f678e233dc2_JaffaCakes118
Size

165KB
Sample

241002-bp8l3azekk
MD5

0839624ac2a76928e3642f678e233dc2
SHA1

a48b4eaa9e0b4aecf3f12ae8c88c99934f0df278
SHA256

2719b2d69c12f61961cbacdb5241d37f182b61bd0783c22e70cabfd950695d24
SHA512

5ac430e0b97cf93f7ca7a6af82ab304ec14190047bb9256c6d265a2982170321c368e81a1366a35f2956e4e4c413684f50c07dace00d16e36634ac60ea6bbc2b
SSDEEP

3072:A4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:fiI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0839624ac2a76928e3642f678e233dc2_JaffaCakes118
- Size
  
  165KB
- MD5
  
  0839624ac2a76928e3642f678e233dc2
- SHA1
  
  a48b4eaa9e0b4aecf3f12ae8c88c99934f0df278
- SHA256
  
  2719b2d69c12f61961cbacdb5241d37f182b61bd0783c22e70cabfd950695d24
- SHA512
  
  5ac430e0b97cf93f7ca7a6af82ab304ec14190047bb9256c6d265a2982170321c368e81a1366a35f2956e4e4c413684f50c07dace00d16e36634ac60ea6bbc2b
- SSDEEP
  
  3072:A4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:fiI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2