86a63cf0377479394c4d39c75e2b46fa40b2495353aac5c425a9ea046f4d97ce | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30fd7fa103e5fc7c4f67d858e4c463b6_JaffaCakes118
Size

165KB
Sample

241010-vl4ngswgjh
MD5

30fd7fa103e5fc7c4f67d858e4c463b6
SHA1

c44bba3d408bec501a953feafe33fa23339cc729
SHA256

86a63cf0377479394c4d39c75e2b46fa40b2495353aac5c425a9ea046f4d97ce
SHA512

4e0094250dca34c4a6a78fc01d48d044c81ed629d233ed4581999f4321bb18dd32e3c5165ece59ef74b455cb6971961bd667a6c1160828deac5990ec677962d8
SSDEEP

3072:h4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:KiI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  30fd7fa103e5fc7c4f67d858e4c463b6_JaffaCakes118
- Size
  
  165KB
- MD5
  
  30fd7fa103e5fc7c4f67d858e4c463b6
- SHA1
  
  c44bba3d408bec501a953feafe33fa23339cc729
- SHA256
  
  86a63cf0377479394c4d39c75e2b46fa40b2495353aac5c425a9ea046f4d97ce
- SHA512
  
  4e0094250dca34c4a6a78fc01d48d044c81ed629d233ed4581999f4321bb18dd32e3c5165ece59ef74b455cb6971961bd667a6c1160828deac5990ec677962d8
- SSDEEP
  
  3072:h4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:KiI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2