e8ddc6ce82912d5896a04c6a034b773e73c796e8d10d7b317b3f32de04fe8b64 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0868957a502adc09dbb40a06622fff68_JaffaCakes118
Size

165KB
Sample

241002-cqz7rascln
MD5

0868957a502adc09dbb40a06622fff68
SHA1

0c44f19aceb6f3c580d49bd92f2b151419bb8c65
SHA256

e8ddc6ce82912d5896a04c6a034b773e73c796e8d10d7b317b3f32de04fe8b64
SHA512

9d264c67b2a3eb87d020794662058aaa6f5fb273c7cff6d52ad6aa947c437acab7b82e9f00f423a40e80b8e2887ec45025aee7d3c3365351a84140a965029703
SSDEEP

3072:P4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:QiI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0868957a502adc09dbb40a06622fff68_JaffaCakes118
- Size
  
  165KB
- MD5
  
  0868957a502adc09dbb40a06622fff68
- SHA1
  
  0c44f19aceb6f3c580d49bd92f2b151419bb8c65
- SHA256
  
  e8ddc6ce82912d5896a04c6a034b773e73c796e8d10d7b317b3f32de04fe8b64
- SHA512
  
  9d264c67b2a3eb87d020794662058aaa6f5fb273c7cff6d52ad6aa947c437acab7b82e9f00f423a40e80b8e2887ec45025aee7d3c3365351a84140a965029703
- SSDEEP
  
  3072:P4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:QiI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2