83670e3c4fad8f1b72c2cb614971b4acd0a0718c52d698c0ad2cd5ad12b379c6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0be08dfa37a60b763dfce763f6d9ad32_JaffaCakes118
Size

163KB
Sample

241002-wh8cyayhqn
MD5

0be08dfa37a60b763dfce763f6d9ad32
SHA1

598df181b5d3ff578ad90f386ea2933dbdc1d6dc
SHA256

83670e3c4fad8f1b72c2cb614971b4acd0a0718c52d698c0ad2cd5ad12b379c6
SHA512

c8d7a984dd5c7635ce4d3a3ffe182e4e3426ba371637797fc68dea43586e9efb5c59b4d5c85466d00a01b825507b7e01efed99f32bd90be982f3523c1d3bc12c
SSDEEP

3072:g4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4E:/iI/PlY37ZLF4Ca6WABqBOvsE

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0be08dfa37a60b763dfce763f6d9ad32_JaffaCakes118
- Size
  
  163KB
- MD5
  
  0be08dfa37a60b763dfce763f6d9ad32
- SHA1
  
  598df181b5d3ff578ad90f386ea2933dbdc1d6dc
- SHA256
  
  83670e3c4fad8f1b72c2cb614971b4acd0a0718c52d698c0ad2cd5ad12b379c6
- SHA512
  
  c8d7a984dd5c7635ce4d3a3ffe182e4e3426ba371637797fc68dea43586e9efb5c59b4d5c85466d00a01b825507b7e01efed99f32bd90be982f3523c1d3bc12c
- SSDEEP
  
  3072:g4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4E:/iI/PlY37ZLF4Ca6WABqBOvsE
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2