c06dbcd31238f45a2a8de86c78f36c3563bf980785ec3b856bc612cfd11a8e78 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2bf33db016c3f47d2b8300279e1e3e10_JaffaCakes118
Size

164KB
Sample

241009-ghlrlsvejm
MD5

2bf33db016c3f47d2b8300279e1e3e10
SHA1

25c379aca1685e1b35531d30cf126cd9531c7647
SHA256

c06dbcd31238f45a2a8de86c78f36c3563bf980785ec3b856bc612cfd11a8e78
SHA512

db6034afda0ab2ef009ce8e392f5da69dc60ca7c096227a1a06ff1904954ab63149d1f39fe359a7a9d99b29dfc11ea94dfed780fc28dcf317d34b173faccbbb5
SSDEEP

3072:5iSVipBoNdGhm5P+0he9xagDexm6UJdme3HgrLpbPJG5h:8iilhmIQODDHBJdmOHIFs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2bf33db016c3f47d2b8300279e1e3e10_JaffaCakes118
- Size
  
  164KB
- MD5
  
  2bf33db016c3f47d2b8300279e1e3e10
- SHA1
  
  25c379aca1685e1b35531d30cf126cd9531c7647
- SHA256
  
  c06dbcd31238f45a2a8de86c78f36c3563bf980785ec3b856bc612cfd11a8e78
- SHA512
  
  db6034afda0ab2ef009ce8e392f5da69dc60ca7c096227a1a06ff1904954ab63149d1f39fe359a7a9d99b29dfc11ea94dfed780fc28dcf317d34b173faccbbb5
- SSDEEP
  
  3072:5iSVipBoNdGhm5P+0he9xagDexm6UJdme3HgrLpbPJG5h:8iilhmIQODDHBJdmOHIFs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2