f16ec5b13be77c2f599815edd3ba1d01a602883b8a68bc0883352a9ebaa68b78 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14ede6ee12ebb0847b7b875b80f30bab_JaffaCakes118
Size

72KB
Sample

241004-zz8ltawfkm
MD5

14ede6ee12ebb0847b7b875b80f30bab
SHA1

a00d58e8068678595ba0c9cda6fd4a25887fbd08
SHA256

f16ec5b13be77c2f599815edd3ba1d01a602883b8a68bc0883352a9ebaa68b78
SHA512

6ebd993a3f9921ce142e3e0099f18b5f46451b64d6755c44b0e3f92bb621105caa7d77b25b1d9c6e9861e738b9a33ccc5eb889d19ee4385aafce72ba0508ef57
SSDEEP

768:9bQ1iSoKkOCfJb4kHrgrTi6yBJJyNKJCviXDyiwSuo6zCNKVIN:dgIirEJycA8Dy9Suo6zCH

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  14ede6ee12ebb0847b7b875b80f30bab_JaffaCakes118
- Size
  
  72KB
- MD5
  
  14ede6ee12ebb0847b7b875b80f30bab
- SHA1
  
  a00d58e8068678595ba0c9cda6fd4a25887fbd08
- SHA256
  
  f16ec5b13be77c2f599815edd3ba1d01a602883b8a68bc0883352a9ebaa68b78
- SHA512
  
  6ebd993a3f9921ce142e3e0099f18b5f46451b64d6755c44b0e3f92bb621105caa7d77b25b1d9c6e9861e738b9a33ccc5eb889d19ee4385aafce72ba0508ef57
- SSDEEP
  
  768:9bQ1iSoKkOCfJb4kHrgrTi6yBJJyNKJCviXDyiwSuo6zCNKVIN:dgIirEJycA8Dy9Suo6zCH
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2