d1fa46be8963f963fd79d7359b2eec5fd1420da625b72b43bde866efce4c482e | Triage

Sharing

General

Target

2abb314a364c8b9f6e87c31e53ef74fa_JaffaCakes118
Size

108KB
Sample

241009-ey7ynszfrf
MD5

2abb314a364c8b9f6e87c31e53ef74fa
SHA1

3bd1ed2cb1d3c87efabfbada951e65f5016625c3
SHA256

d1fa46be8963f963fd79d7359b2eec5fd1420da625b72b43bde866efce4c482e
SHA512

51e0d3b079c5348c666820ced5f60f8425464f974307a32ce24ca82baf3e2fda1051b9b497a1af4dc51261ffe3e9285571db6d7cde7c4acadbd0292d00fdb02f
SSDEEP

3072:gw0gg0PPikrvDbEGrA7psIhDs/zzazhACuzz+cp0:R0ggGRrbwOpzzazhACuzz+cp0

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2abb314a364c8b9f6e87c31e53ef74fa_JaffaCakes118
- Size
  
  108KB
- MD5
  
  2abb314a364c8b9f6e87c31e53ef74fa
- SHA1
  
  3bd1ed2cb1d3c87efabfbada951e65f5016625c3
- SHA256
  
  d1fa46be8963f963fd79d7359b2eec5fd1420da625b72b43bde866efce4c482e
- SHA512
  
  51e0d3b079c5348c666820ced5f60f8425464f974307a32ce24ca82baf3e2fda1051b9b497a1af4dc51261ffe3e9285571db6d7cde7c4acadbd0292d00fdb02f
- SSDEEP
  
  3072:gw0gg0PPikrvDbEGrA7psIhDs/zzazhACuzz+cp0:R0ggGRrbwOpzzazhACuzz+cp0
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2