b294b65b86079a99991b1ee2916c8ef25f4246d4c94414d1adf2122880e0a311 | Triage

Sharing

General

Target

17e7cbbca40d855b32ef14946e45bb18_JaffaCakes118
Size

165KB
Sample

241006-nl53zs1fqr
MD5

17e7cbbca40d855b32ef14946e45bb18
SHA1

e0748c7005eb4a74a50cf2ae24dd59ee0fb8d128
SHA256

b294b65b86079a99991b1ee2916c8ef25f4246d4c94414d1adf2122880e0a311
SHA512

2bff4cac6af457b814837621fcd6cf24cc9c392f21ba4960e72f8e7f3ce886538357f9aa1f2539cf3836c144b97a9ed658c5ce449be29ed51533b043bc89840b
SSDEEP

3072:a4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:hiI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  17e7cbbca40d855b32ef14946e45bb18_JaffaCakes118
- Size
  
  165KB
- MD5
  
  17e7cbbca40d855b32ef14946e45bb18
- SHA1
  
  e0748c7005eb4a74a50cf2ae24dd59ee0fb8d128
- SHA256
  
  b294b65b86079a99991b1ee2916c8ef25f4246d4c94414d1adf2122880e0a311
- SHA512
  
  2bff4cac6af457b814837621fcd6cf24cc9c392f21ba4960e72f8e7f3ce886538357f9aa1f2539cf3836c144b97a9ed658c5ce449be29ed51533b043bc89840b
- SSDEEP
  
  3072:a4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:hiI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2