ddbe8fbd2ae301c15f90b900f253f7d54cffc555884e743ea16f5cdae14d67e1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e10c30bf5f7d8a0de0959c66a2ffadf_JaffaCakes118
Size

165KB
Sample

241013-f7fffswamq
MD5

3e10c30bf5f7d8a0de0959c66a2ffadf
SHA1

bbfde169833795b828c9cb2adb2e2a49cd65f7f9
SHA256

ddbe8fbd2ae301c15f90b900f253f7d54cffc555884e743ea16f5cdae14d67e1
SHA512

669795f7a3b5a2afd1ae8c16881d9df1ca7b675fb67a1bc906c156e007938280ac8bb7eb6fbb8530e8298f830b26a6890b5c80e6fb94369386453b7fe93b96d4
SSDEEP

3072:E4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:riI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3e10c30bf5f7d8a0de0959c66a2ffadf_JaffaCakes118
- Size
  
  165KB
- MD5
  
  3e10c30bf5f7d8a0de0959c66a2ffadf
- SHA1
  
  bbfde169833795b828c9cb2adb2e2a49cd65f7f9
- SHA256
  
  ddbe8fbd2ae301c15f90b900f253f7d54cffc555884e743ea16f5cdae14d67e1
- SHA512
  
  669795f7a3b5a2afd1ae8c16881d9df1ca7b675fb67a1bc906c156e007938280ac8bb7eb6fbb8530e8298f830b26a6890b5c80e6fb94369386453b7fe93b96d4
- SSDEEP
  
  3072:E4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:riI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2