4065bbd7082937655f0314c9477f8a843dde9d3fe7ea35b4a584db65cac4b6f7 | Triage

Sharing

General

Target

133233c1bc80dc6741a0eb4c71e14313_JaffaCakes118
Size

165KB
Sample

241004-nq27ws1hmj
MD5

133233c1bc80dc6741a0eb4c71e14313
SHA1

10e286d6dc13cb93df1e6a6097114f0607e8d6c1
SHA256

4065bbd7082937655f0314c9477f8a843dde9d3fe7ea35b4a584db65cac4b6f7
SHA512

268b9962e82b7430438979980817a878411b73ed6ce28e36807bbd4d53134f4e094328f6bf4e462684f146a51cb57ac43c6f68ff031452810598f93edad224e6
SSDEEP

3072:B4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:qiI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  133233c1bc80dc6741a0eb4c71e14313_JaffaCakes118
- Size
  
  165KB
- MD5
  
  133233c1bc80dc6741a0eb4c71e14313
- SHA1
  
  10e286d6dc13cb93df1e6a6097114f0607e8d6c1
- SHA256
  
  4065bbd7082937655f0314c9477f8a843dde9d3fe7ea35b4a584db65cac4b6f7
- SHA512
  
  268b9962e82b7430438979980817a878411b73ed6ce28e36807bbd4d53134f4e094328f6bf4e462684f146a51cb57ac43c6f68ff031452810598f93edad224e6
- SSDEEP
  
  3072:B4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:qiI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2