63e5d322476ebebe0e177807b59494b853e118d2e35fe978e1227ea1aa80280b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ceae4e6961b62d8e7c7d3c2af443f08_JaffaCakes118
Size

164KB
Sample

241013-a81j5azhre
MD5

3ceae4e6961b62d8e7c7d3c2af443f08
SHA1

f3e1588acf6749c19a195e356732da3a8867d5e1
SHA256

63e5d322476ebebe0e177807b59494b853e118d2e35fe978e1227ea1aa80280b
SHA512

e1b67b0d65fb1d7b9ae6763252b4754922dc9a9bde6a3bf9c7d405751d66b7b69ac4691804c8d086d7e1395b47f5b8bc881747ab8017a3f7840889dacc2111e4
SSDEEP

3072:timnuVXjzu3vsLrP5voun/VqIoKJfma7tYEoFMhY:Tulu3vsPfdqIoK0a7BK

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3ceae4e6961b62d8e7c7d3c2af443f08_JaffaCakes118
- Size
  
  164KB
- MD5
  
  3ceae4e6961b62d8e7c7d3c2af443f08
- SHA1
  
  f3e1588acf6749c19a195e356732da3a8867d5e1
- SHA256
  
  63e5d322476ebebe0e177807b59494b853e118d2e35fe978e1227ea1aa80280b
- SHA512
  
  e1b67b0d65fb1d7b9ae6763252b4754922dc9a9bde6a3bf9c7d405751d66b7b69ac4691804c8d086d7e1395b47f5b8bc881747ab8017a3f7840889dacc2111e4
- SSDEEP
  
  3072:timnuVXjzu3vsLrP5voun/VqIoKJfma7tYEoFMhY:Tulu3vsPfdqIoK0a7BK
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2