fccdd5bbae8db6a1cacca52e82adb56083cac637a9c56d1f2b4abc4df9619678 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11543717c0267ad67e1c12593b9db263_JaffaCakes118
Size

164KB
Sample

241004-b74e3axgpn
MD5

11543717c0267ad67e1c12593b9db263
SHA1

31e7205bd0376a3cb2df8b146fdcc57f555e32ac
SHA256

fccdd5bbae8db6a1cacca52e82adb56083cac637a9c56d1f2b4abc4df9619678
SHA512

89ea9af69c34735691a793a43225bdcea81086e948b377f5e2c8f66b27ce6e7ae70f9cd2b4bafd4a42f51757f887b8e3f534bb2e549a93d69983de8aa29e5d84
SSDEEP

3072:tiSVipBoNdGhm5P+0he9xagDexm6UJdme3HgrLpbPJG5h:giilhmIQODDHBJdmOHIFs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  11543717c0267ad67e1c12593b9db263_JaffaCakes118
- Size
  
  164KB
- MD5
  
  11543717c0267ad67e1c12593b9db263
- SHA1
  
  31e7205bd0376a3cb2df8b146fdcc57f555e32ac
- SHA256
  
  fccdd5bbae8db6a1cacca52e82adb56083cac637a9c56d1f2b4abc4df9619678
- SHA512
  
  89ea9af69c34735691a793a43225bdcea81086e948b377f5e2c8f66b27ce6e7ae70f9cd2b4bafd4a42f51757f887b8e3f534bb2e549a93d69983de8aa29e5d84
- SSDEEP
  
  3072:tiSVipBoNdGhm5P+0he9xagDexm6UJdme3HgrLpbPJG5h:giilhmIQODDHBJdmOHIFs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2