8b33be51e3a5af63463ac5aa5d992f82e79c5e8033a83f22a665327f11335b96 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

178fd66df8d495ce01d8d7c3d0fbc3d4_JaffaCakes118
Size

165KB
Sample

241006-lnl2saxcpn
MD5

178fd66df8d495ce01d8d7c3d0fbc3d4
SHA1

3e4b6651468ebd38f9cb14e26c430a498e36388a
SHA256

8b33be51e3a5af63463ac5aa5d992f82e79c5e8033a83f22a665327f11335b96
SHA512

5b0ebc6f24f0a2ae443cfa986fe7adc810e9ae763c0d93ba254d2be991f8c93341119e45da75461d43eb59c514ae86e104750bcbe2742e684981d0293a5e2c4f
SSDEEP

3072:+4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:NiI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  178fd66df8d495ce01d8d7c3d0fbc3d4_JaffaCakes118
- Size
  
  165KB
- MD5
  
  178fd66df8d495ce01d8d7c3d0fbc3d4
- SHA1
  
  3e4b6651468ebd38f9cb14e26c430a498e36388a
- SHA256
  
  8b33be51e3a5af63463ac5aa5d992f82e79c5e8033a83f22a665327f11335b96
- SHA512
  
  5b0ebc6f24f0a2ae443cfa986fe7adc810e9ae763c0d93ba254d2be991f8c93341119e45da75461d43eb59c514ae86e104750bcbe2742e684981d0293a5e2c4f
- SSDEEP
  
  3072:+4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:NiI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2