fdf240d478e18acde8064f4f3ac7c26d2bde1bf46720875352f01f55f259e701 | Triage

Sharing

General

Target

3b576556d6f9b9941532dadb403fa337_JaffaCakes118
Size

165KB
Sample

241012-wjqjhstbka
MD5

3b576556d6f9b9941532dadb403fa337
SHA1

63cd28716913ad1a87b0e7f2e58601b4c6e37c06
SHA256

fdf240d478e18acde8064f4f3ac7c26d2bde1bf46720875352f01f55f259e701
SHA512

f69b9bb9af28c469daafe13232a2b2f59c69e7358790ad1c6667aaec7ff95db11a7d045f041b2e6826b690dee066a0444789d5d693ee287454b8912341001f7e
SSDEEP

3072:n4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:4iI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3b576556d6f9b9941532dadb403fa337_JaffaCakes118
- Size
  
  165KB
- MD5
  
  3b576556d6f9b9941532dadb403fa337
- SHA1
  
  63cd28716913ad1a87b0e7f2e58601b4c6e37c06
- SHA256
  
  fdf240d478e18acde8064f4f3ac7c26d2bde1bf46720875352f01f55f259e701
- SHA512
  
  f69b9bb9af28c469daafe13232a2b2f59c69e7358790ad1c6667aaec7ff95db11a7d045f041b2e6826b690dee066a0444789d5d693ee287454b8912341001f7e
- SSDEEP
  
  3072:n4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:4iI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2