f59db1575f20d1c0c79a78d00289aa6f271b36620724a47ab00def2183060851 | Triage

Sharing

General

Target

15e54d007bb01798f0e80f3166e5f94c_JaffaCakes118
Size

40KB
Sample

241005-dgfx7a1gjj
MD5

15e54d007bb01798f0e80f3166e5f94c
SHA1

80e834dadaa2ae376d63a1d65159df18b57dbd29
SHA256

f59db1575f20d1c0c79a78d00289aa6f271b36620724a47ab00def2183060851
SHA512

11aaccb848c14bae6f0d45581e3249085eb828225ac42b08861febea948d58e4e355fff9e7b1048540e5e356ecfca273ebc326ad8ebcb6a0219c1a910406ae00
SSDEEP

384:2FdKl3cRVsTtTuGtPKtxxj8THpN+iQkjnRkcWBBobIiN5xeiuP9zl6l+Zcijrg1W:E9RVsxfVnKnQTxgZbcSY1cki

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  15e54d007bb01798f0e80f3166e5f94c_JaffaCakes118
- Size
  
  40KB
- MD5
  
  15e54d007bb01798f0e80f3166e5f94c
- SHA1
  
  80e834dadaa2ae376d63a1d65159df18b57dbd29
- SHA256
  
  f59db1575f20d1c0c79a78d00289aa6f271b36620724a47ab00def2183060851
- SHA512
  
  11aaccb848c14bae6f0d45581e3249085eb828225ac42b08861febea948d58e4e355fff9e7b1048540e5e356ecfca273ebc326ad8ebcb6a0219c1a910406ae00
- SSDEEP
  
  384:2FdKl3cRVsTtTuGtPKtxxj8THpN+iQkjnRkcWBBobIiN5xeiuP9zl6l+Zcijrg1W:E9RVsxfVnKnQTxgZbcSY1cki
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2