0127ce2add98c413a1db29e04aa8dd47a613b67607530175e3e3e01d9184e34d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2686253760f019b045088ac4bee1d07c_JaffaCakes118
Size

163KB
Sample

241008-2k27laycnh
MD5

2686253760f019b045088ac4bee1d07c
SHA1

73d59dffba30c39c5d4c0efa7a8a859109719860
SHA256

0127ce2add98c413a1db29e04aa8dd47a613b67607530175e3e3e01d9184e34d
SHA512

428deec28ccff8349509c357386c9079c6fe3ff3c92e1f10fac6a3c100d76fcdff19fdb312818d5aa9dd4ac7d662456c75fe09890edb07463b60c1e21758b37b
SSDEEP

3072:24HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4H:1iI/PlY37ZLF4Ca6WABqBOvsH

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2686253760f019b045088ac4bee1d07c_JaffaCakes118
- Size
  
  163KB
- MD5
  
  2686253760f019b045088ac4bee1d07c
- SHA1
  
  73d59dffba30c39c5d4c0efa7a8a859109719860
- SHA256
  
  0127ce2add98c413a1db29e04aa8dd47a613b67607530175e3e3e01d9184e34d
- SHA512
  
  428deec28ccff8349509c357386c9079c6fe3ff3c92e1f10fac6a3c100d76fcdff19fdb312818d5aa9dd4ac7d662456c75fe09890edb07463b60c1e21758b37b
- SSDEEP
  
  3072:24HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4H:1iI/PlY37ZLF4Ca6WABqBOvsH
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2