e9c860ad2357e70160da954f4ffd2ae652fedb72c38f1d55fa7526410b1dbc94 | Triage

Sharing

General

Target

3a476bd2165171a030a02176b4610b98_JaffaCakes118
Size

165KB
Sample

241012-qst1eaxdpk
MD5

3a476bd2165171a030a02176b4610b98
SHA1

343b713eb25f00592f5c6073c212ca66a8b12489
SHA256

e9c860ad2357e70160da954f4ffd2ae652fedb72c38f1d55fa7526410b1dbc94
SHA512

8682814b6add3263fc9c19a8ff764295c0a738c40c9e0bf234832d7692ebe118ef2f30acab0664670eb3c64217e986a15901b8ed314c010ea228b30f6f3b8a29
SSDEEP

3072:G4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:liI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3a476bd2165171a030a02176b4610b98_JaffaCakes118
- Size
  
  165KB
- MD5
  
  3a476bd2165171a030a02176b4610b98
- SHA1
  
  343b713eb25f00592f5c6073c212ca66a8b12489
- SHA256
  
  e9c860ad2357e70160da954f4ffd2ae652fedb72c38f1d55fa7526410b1dbc94
- SHA512
  
  8682814b6add3263fc9c19a8ff764295c0a738c40c9e0bf234832d7692ebe118ef2f30acab0664670eb3c64217e986a15901b8ed314c010ea228b30f6f3b8a29
- SSDEEP
  
  3072:G4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:liI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2