5e4561142ae522e96e58754a61ef534fba4f7dd67b185f5a6dd38fe6b39d786e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a6ffd43120a7b2c41f8ee2a4643abfb_JaffaCakes118
Size

165KB
Sample

241009-ejzczstenn
MD5

2a6ffd43120a7b2c41f8ee2a4643abfb
SHA1

d2475bc4aef48c8342b143e711554b9084f55aa9
SHA256

5e4561142ae522e96e58754a61ef534fba4f7dd67b185f5a6dd38fe6b39d786e
SHA512

c406945a2814f90a80583a804ac8a8b0325a44e719b1510fa37b274a7e0db4dbc540fb96620d77c7b5b39f0f7e07fc537d2a13d6a74e7c5d513c76bc86d02cae
SSDEEP

3072:A4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:fiI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2a6ffd43120a7b2c41f8ee2a4643abfb_JaffaCakes118
- Size
  
  165KB
- MD5
  
  2a6ffd43120a7b2c41f8ee2a4643abfb
- SHA1
  
  d2475bc4aef48c8342b143e711554b9084f55aa9
- SHA256
  
  5e4561142ae522e96e58754a61ef534fba4f7dd67b185f5a6dd38fe6b39d786e
- SHA512
  
  c406945a2814f90a80583a804ac8a8b0325a44e719b1510fa37b274a7e0db4dbc540fb96620d77c7b5b39f0f7e07fc537d2a13d6a74e7c5d513c76bc86d02cae
- SSDEEP
  
  3072:A4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:fiI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2