d36c72f7febf0f6efe034faf33c223f6e4c328662f85ae44222ae41b87f0e15d | Triage

Sharing

General

Target

0898fe8bbe0ae64c3020a50c270d9830_JaffaCakes118
Size

72KB
Sample

241002-dqyvcsthrm
MD5

0898fe8bbe0ae64c3020a50c270d9830
SHA1

7aad8b97ea1b83edf505902567a0498aaa3b711c
SHA256

d36c72f7febf0f6efe034faf33c223f6e4c328662f85ae44222ae41b87f0e15d
SHA512

f8b99d78b517a3d6395a523111d15055cc935a6eef204c47cf888403bfec66a92e1a0ef3a15ff92de2a6ba1eb8372344961fca03c0d564d5eca335acf0311029
SSDEEP

768:9h+1iS7KkOCfJb4kHrgrTi6yBJJyNKJCviXDyiwSuo6zCNKVDr:/2DirEJycA8Dy9Suo6zCs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0898fe8bbe0ae64c3020a50c270d9830_JaffaCakes118
- Size
  
  72KB
- MD5
  
  0898fe8bbe0ae64c3020a50c270d9830
- SHA1
  
  7aad8b97ea1b83edf505902567a0498aaa3b711c
- SHA256
  
  d36c72f7febf0f6efe034faf33c223f6e4c328662f85ae44222ae41b87f0e15d
- SHA512
  
  f8b99d78b517a3d6395a523111d15055cc935a6eef204c47cf888403bfec66a92e1a0ef3a15ff92de2a6ba1eb8372344961fca03c0d564d5eca335acf0311029
- SSDEEP
  
  768:9h+1iS7KkOCfJb4kHrgrTi6yBJJyNKJCviXDyiwSuo6zCNKVDr:/2DirEJycA8Dy9Suo6zCs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2