0a13255b54516e413807ebad6eb32d358e3855e73dc87026d93609c5264d3dae | Triage

Sharing

Copy URL Twitter E-mail

General

Target

160b11f585f422cf940d435f230a8d47_JaffaCakes118
Size

20KB
Sample

241005-edbpqstenm
MD5

160b11f585f422cf940d435f230a8d47
SHA1

91de630cc8d8d7a6e9fc5d662c7d69b4037c2203
SHA256

0a13255b54516e413807ebad6eb32d358e3855e73dc87026d93609c5264d3dae
SHA512

028ad018155989be3a8c9a427e6bfc56268bc24a617fca2d97a07bc13a3f4eb44a4b6f3b546398ea5a4705060b595315b8fa8b968bb142f922f57b78583fad1e
SSDEEP

384:6cDXQC9zC+eb3CLp3yr4PctTQXfmgnmJEfqx2yROIscXKjZmKwj2/iQ:6Dl+c3mpir4Pc2XOXGxABXSm3Q

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  160b11f585f422cf940d435f230a8d47_JaffaCakes118
- Size
  
  20KB
- MD5
  
  160b11f585f422cf940d435f230a8d47
- SHA1
  
  91de630cc8d8d7a6e9fc5d662c7d69b4037c2203
- SHA256
  
  0a13255b54516e413807ebad6eb32d358e3855e73dc87026d93609c5264d3dae
- SHA512
  
  028ad018155989be3a8c9a427e6bfc56268bc24a617fca2d97a07bc13a3f4eb44a4b6f3b546398ea5a4705060b595315b8fa8b968bb142f922f57b78583fad1e
- SSDEEP
  
  384:6cDXQC9zC+eb3CLp3yr4PctTQXfmgnmJEfqx2yROIscXKjZmKwj2/iQ:6Dl+c3mpir4Pc2XOXGxABXSm3Q
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2