0926e01fea60fe1f2149e1a6edcd654ec86232d0b6e44c37fd353ecdd704a7bc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30a8e4ba881628ffe4e6c0b07cc767fe_JaffaCakes118
Size

165KB
Sample

241010-s777patbmb
MD5

30a8e4ba881628ffe4e6c0b07cc767fe
SHA1

9cdee93cff8fd327e1293a2f118b639601e86550
SHA256

0926e01fea60fe1f2149e1a6edcd654ec86232d0b6e44c37fd353ecdd704a7bc
SHA512

6dca0b11a780d020f8e91e5abfcd8b0eaa06e9617132d6a7bac48fbcd9398b93f190d1fc320eff2e9fd2cdc53c2885eb05b30f19568da3cc1eb8c1f3667191b9
SSDEEP

3072:44HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:niI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  30a8e4ba881628ffe4e6c0b07cc767fe_JaffaCakes118
- Size
  
  165KB
- MD5
  
  30a8e4ba881628ffe4e6c0b07cc767fe
- SHA1
  
  9cdee93cff8fd327e1293a2f118b639601e86550
- SHA256
  
  0926e01fea60fe1f2149e1a6edcd654ec86232d0b6e44c37fd353ecdd704a7bc
- SHA512
  
  6dca0b11a780d020f8e91e5abfcd8b0eaa06e9617132d6a7bac48fbcd9398b93f190d1fc320eff2e9fd2cdc53c2885eb05b30f19568da3cc1eb8c1f3667191b9
- SSDEEP
  
  3072:44HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:niI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2