1defb8f46d081bee362775c8d4db68359e764bdaa885cb45146e8fccf8555bd5 | Triage

Sharing

General

Target

37d8cc927335ef6b502d21f850e01c1d_JaffaCakes118
Size

164KB
Sample

241012-b59jaswbqh
MD5

37d8cc927335ef6b502d21f850e01c1d
SHA1

423acef92f3fc4d9d2e903c596e28f1b77e32107
SHA256

1defb8f46d081bee362775c8d4db68359e764bdaa885cb45146e8fccf8555bd5
SHA512

2a4a0d513e62f90ae67d7dfe922cdb2a9958c4859ee662f70a69e3cae256897c56b2358091e545d1823428e4a94a938a34444e6a7681ea88527363413a8a4f46
SSDEEP

3072:SiSVipBoNdGhm5P+0he9xagDexm6UJdme3HgrLpbPJG5h:NiilhmIQODDHBJdmOHIFs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  37d8cc927335ef6b502d21f850e01c1d_JaffaCakes118
- Size
  
  164KB
- MD5
  
  37d8cc927335ef6b502d21f850e01c1d
- SHA1
  
  423acef92f3fc4d9d2e903c596e28f1b77e32107
- SHA256
  
  1defb8f46d081bee362775c8d4db68359e764bdaa885cb45146e8fccf8555bd5
- SHA512
  
  2a4a0d513e62f90ae67d7dfe922cdb2a9958c4859ee662f70a69e3cae256897c56b2358091e545d1823428e4a94a938a34444e6a7681ea88527363413a8a4f46
- SSDEEP
  
  3072:SiSVipBoNdGhm5P+0he9xagDexm6UJdme3HgrLpbPJG5h:NiilhmIQODDHBJdmOHIFs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2