17c7e60cdaf587fd80bd54bbfaac1b0f85d30375d013710cb4c08ce5ba77b496 | Triage

Sharing

General

Target

167aad942fc20e5a47852326a68dbbb5_JaffaCakes118
Size

165KB
Sample

241005-gyde6szcrm
MD5

167aad942fc20e5a47852326a68dbbb5
SHA1

252829f3a0aad40cf419c138c968a2483d38b722
SHA256

17c7e60cdaf587fd80bd54bbfaac1b0f85d30375d013710cb4c08ce5ba77b496
SHA512

7f6b2a26e05688f7dd1aaf4598be39485cede77f6bb9e65d73cb9ef47df9879e415042cbb8d6edbd91e5534f4fb8ce5afcf068c005a0934e13aff368d1ee43f6
SSDEEP

3072:a4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4u:hiI/PlY37ZLF4Ca6WABqBOvsu

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  167aad942fc20e5a47852326a68dbbb5_JaffaCakes118
- Size
  
  165KB
- MD5
  
  167aad942fc20e5a47852326a68dbbb5
- SHA1
  
  252829f3a0aad40cf419c138c968a2483d38b722
- SHA256
  
  17c7e60cdaf587fd80bd54bbfaac1b0f85d30375d013710cb4c08ce5ba77b496
- SHA512
  
  7f6b2a26e05688f7dd1aaf4598be39485cede77f6bb9e65d73cb9ef47df9879e415042cbb8d6edbd91e5534f4fb8ce5afcf068c005a0934e13aff368d1ee43f6
- SSDEEP
  
  3072:a4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4u:hiI/PlY37ZLF4Ca6WABqBOvsu
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2