0e3456ea5d8dc4bf9510ad4888b1fbb59385d3b950b97981ee54e0983f0db564 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

422995be22a14a466fe69846d7f436b0_JaffaCakes118
Size

3.6MB
Sample

241013-1a75estepm
MD5

422995be22a14a466fe69846d7f436b0
SHA1

e46d709d7c78a52dd8d248cc1b7bb1e778300fb0
SHA256

0e3456ea5d8dc4bf9510ad4888b1fbb59385d3b950b97981ee54e0983f0db564
SHA512

6d9319741c99bae22f23d5c2e8e83db11199592a5f1b21c88b12116f09e64bfd6ac763357b070ec184c5819e30b4a499838c12b8ebab4634a9ab9530bdb5fb91
SSDEEP

49152:vtAeMAbB7aWGd204b9SKvIRIf5clyeeutfUnnnnnnp70HJKpedvK+EXEihplRKN8:5DuHSfF0pgAMp/9

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  422995be22a14a466fe69846d7f436b0_JaffaCakes118
- Size
  
  3.6MB
- MD5
  
  422995be22a14a466fe69846d7f436b0
- SHA1
  
  e46d709d7c78a52dd8d248cc1b7bb1e778300fb0
- SHA256
  
  0e3456ea5d8dc4bf9510ad4888b1fbb59385d3b950b97981ee54e0983f0db564
- SHA512
  
  6d9319741c99bae22f23d5c2e8e83db11199592a5f1b21c88b12116f09e64bfd6ac763357b070ec184c5819e30b4a499838c12b8ebab4634a9ab9530bdb5fb91
- SSDEEP
  
  49152:vtAeMAbB7aWGd204b9SKvIRIf5clyeeutfUnnnnnnp70HJKpedvK+EXEihplRKN8:5DuHSfF0pgAMp/9
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2