d7e16ca8bb890c9ca91d14d62ac159a2db766c73b86e53c93d40e0120b3beed7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1483248beb74f8fb61cf8dc3ca57bd90_JaffaCakes118
Size

162KB
Sample

241004-xbqpzszdlp
MD5

1483248beb74f8fb61cf8dc3ca57bd90
SHA1

343413c845992b1a657d042edc728abedc4ac217
SHA256

d7e16ca8bb890c9ca91d14d62ac159a2db766c73b86e53c93d40e0120b3beed7
SHA512

14ed019f5cce6515657de13a5c0961c146758f94ff2276d9755b6cf7beed2fe7d36e58d8192a3481fc7358891a719df5c72bf2485918e8d7a0fe45adcea9e17d
SSDEEP

3072:mimnuVXjzu3vsLrP5voun/VqIoKJfma7tYEoFMhYh:oulu3vsPfdqIoK0a7BKh

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  1483248beb74f8fb61cf8dc3ca57bd90_JaffaCakes118
- Size
  
  162KB
- MD5
  
  1483248beb74f8fb61cf8dc3ca57bd90
- SHA1
  
  343413c845992b1a657d042edc728abedc4ac217
- SHA256
  
  d7e16ca8bb890c9ca91d14d62ac159a2db766c73b86e53c93d40e0120b3beed7
- SHA512
  
  14ed019f5cce6515657de13a5c0961c146758f94ff2276d9755b6cf7beed2fe7d36e58d8192a3481fc7358891a719df5c72bf2485918e8d7a0fe45adcea9e17d
- SSDEEP
  
  3072:mimnuVXjzu3vsLrP5voun/VqIoKJfma7tYEoFMhYh:oulu3vsPfdqIoK0a7BKh
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2