3323a5827f7e7648b0c99f387495d1697af5440317f8c4eb138eed53d7907ddb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30b129aeb35a10aeaf83080995f2f025_JaffaCakes118
Size

164KB
Sample

241010-tchh8ayfqm
MD5

30b129aeb35a10aeaf83080995f2f025
SHA1

a64c6518a677b0be1ff4f51c61e3815e2a5d4004
SHA256

3323a5827f7e7648b0c99f387495d1697af5440317f8c4eb138eed53d7907ddb
SHA512

9b0099bbbb853e8633e29870ad0f32f5c1aeb6ef176f6fa0dd0db88e389a13aa5565770aec7bac00be97741a74eaed0d061c3b06ce34a993120d0ef8d64a0d0c
SSDEEP

3072:GiSVipBoNdGhm5P+0he9xagDexm6UJdme3HgrLpbPJG5h:xiilhmIQODDHBJdmOHIFs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  30b129aeb35a10aeaf83080995f2f025_JaffaCakes118
- Size
  
  164KB
- MD5
  
  30b129aeb35a10aeaf83080995f2f025
- SHA1
  
  a64c6518a677b0be1ff4f51c61e3815e2a5d4004
- SHA256
  
  3323a5827f7e7648b0c99f387495d1697af5440317f8c4eb138eed53d7907ddb
- SHA512
  
  9b0099bbbb853e8633e29870ad0f32f5c1aeb6ef176f6fa0dd0db88e389a13aa5565770aec7bac00be97741a74eaed0d061c3b06ce34a993120d0ef8d64a0d0c
- SSDEEP
  
  3072:GiSVipBoNdGhm5P+0he9xagDexm6UJdme3HgrLpbPJG5h:xiilhmIQODDHBJdmOHIFs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2