890116c3285089012dce3d97986266d68d102f1a23148932ef69b62ef46d6b3d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09dcbcb48d7c9e006e0d8a35283c9d5f_JaffaCakes118
Size

165KB
Sample

241002-kszyrsxemp
MD5

09dcbcb48d7c9e006e0d8a35283c9d5f
SHA1

d1295e2317243306426eb5a0a3b94444627f131b
SHA256

890116c3285089012dce3d97986266d68d102f1a23148932ef69b62ef46d6b3d
SHA512

c9476d315d3d5f15abb038439f18fbbbe48aab2756f37c636058a03ae4d579a5ab920297bfef7f09499cb5c5ba30f4bb993f62cbc1e4ee203f244b584b8a2043
SSDEEP

3072:d4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:+iI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  09dcbcb48d7c9e006e0d8a35283c9d5f_JaffaCakes118
- Size
  
  165KB
- MD5
  
  09dcbcb48d7c9e006e0d8a35283c9d5f
- SHA1
  
  d1295e2317243306426eb5a0a3b94444627f131b
- SHA256
  
  890116c3285089012dce3d97986266d68d102f1a23148932ef69b62ef46d6b3d
- SHA512
  
  c9476d315d3d5f15abb038439f18fbbbe48aab2756f37c636058a03ae4d579a5ab920297bfef7f09499cb5c5ba30f4bb993f62cbc1e4ee203f244b584b8a2043
- SSDEEP
  
  3072:d4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:+iI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2