4ddba477957aaf4c391dd8dd0bd99ff69721d6ceefe3890c42adf0281d96e3cd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f1ada923de3acd4e20a0f8499ad2d19_JaffaCakes118
Size

165KB
Sample

241003-rlvh2azblm
MD5

0f1ada923de3acd4e20a0f8499ad2d19
SHA1

a5686d94120011e9ea6e55c6e8aa9528f4d8a195
SHA256

4ddba477957aaf4c391dd8dd0bd99ff69721d6ceefe3890c42adf0281d96e3cd
SHA512

dc2219479075c10bcab3916629ae58473a5b25cffb3b3cfbad6f919c593c17f49e92510a96e8a3e900d947edff100383f04a15805530da68a1fbe478963b416e
SSDEEP

3072:K4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:xiI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0f1ada923de3acd4e20a0f8499ad2d19_JaffaCakes118
- Size
  
  165KB
- MD5
  
  0f1ada923de3acd4e20a0f8499ad2d19
- SHA1
  
  a5686d94120011e9ea6e55c6e8aa9528f4d8a195
- SHA256
  
  4ddba477957aaf4c391dd8dd0bd99ff69721d6ceefe3890c42adf0281d96e3cd
- SHA512
  
  dc2219479075c10bcab3916629ae58473a5b25cffb3b3cfbad6f919c593c17f49e92510a96e8a3e900d947edff100383f04a15805530da68a1fbe478963b416e
- SSDEEP
  
  3072:K4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:xiI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2