6b212998b18552da9839f25f00c9ccb27221bb3bbefe9928669a26006fb42409 | Triage

Sharing

General

Target

10e613fa8aaa23b6cc21d04d9f543ae1_JaffaCakes118
Size

54KB
Sample

241003-3e57qssdnj
MD5

10e613fa8aaa23b6cc21d04d9f543ae1
SHA1

5a0330202aaf750175a9c975b9b9be68ff642382
SHA256

6b212998b18552da9839f25f00c9ccb27221bb3bbefe9928669a26006fb42409
SHA512

a84590f983039ec685c5c5a4bd6ef9fc608dd5fa98e530b50531a2ad212603a28cd001d7c959b48777a459741968d717034e9a5b6eebdbc4c82f8342d8e3e378
SSDEEP

768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/11UIC5ifKJWsZo:V3cpyORJLuB4P4AJJv4Romu//fC598T

Score

10^/10

discovery evasion

Malware Config

Targets

- Target
  
  10e613fa8aaa23b6cc21d04d9f543ae1_JaffaCakes118
- Size
  
  54KB
- MD5
  
  10e613fa8aaa23b6cc21d04d9f543ae1
- SHA1
  
  5a0330202aaf750175a9c975b9b9be68ff642382
- SHA256
  
  6b212998b18552da9839f25f00c9ccb27221bb3bbefe9928669a26006fb42409
- SHA512
  
  a84590f983039ec685c5c5a4bd6ef9fc608dd5fa98e530b50531a2ad212603a28cd001d7c959b48777a459741968d717034e9a5b6eebdbc4c82f8342d8e3e378
- SSDEEP
  
  768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/11UIC5ifKJWsZo:V3cpyORJLuB4P4AJJv4Romu//fC598T
Score

10^/10

discovery evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion