d5165a59961bf930bd9d5e409f22b113501ced6919f41b430b5986331b91dad8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cdbba03c31df538ba92bea79f4d1992_JaffaCakes118
Size

165KB
Sample

241013-ax7t3azele
MD5

3cdbba03c31df538ba92bea79f4d1992
SHA1

6300555a96823c4d3f31f263091d977a4b7dd873
SHA256

d5165a59961bf930bd9d5e409f22b113501ced6919f41b430b5986331b91dad8
SHA512

0a8aaccbe3ab5c6153180d1fc2a7a223051402d8277860206c59720051a7a38f880b4a248ed88253e676e773f4f151dee22054211224fc4eb485a346c554a759
SSDEEP

3072:Y4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4v:HiI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3cdbba03c31df538ba92bea79f4d1992_JaffaCakes118
- Size
  
  165KB
- MD5
  
  3cdbba03c31df538ba92bea79f4d1992
- SHA1
  
  6300555a96823c4d3f31f263091d977a4b7dd873
- SHA256
  
  d5165a59961bf930bd9d5e409f22b113501ced6919f41b430b5986331b91dad8
- SHA512
  
  0a8aaccbe3ab5c6153180d1fc2a7a223051402d8277860206c59720051a7a38f880b4a248ed88253e676e773f4f151dee22054211224fc4eb485a346c554a759
- SSDEEP
  
  3072:Y4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4v:HiI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2