a284a8048b019f5122b467e082850312c8d88a4724fe21385966026586b198e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3eb233759eecc3f4e140cf43e975d4d4_JaffaCakes118
Size

165KB
Sample

241013-jwb6fawdka
MD5

3eb233759eecc3f4e140cf43e975d4d4
SHA1

006d35a47731769444face5cdad18f1be6917932
SHA256

a284a8048b019f5122b467e082850312c8d88a4724fe21385966026586b198e9
SHA512

839b130f10583fdcc1a9b2e22bf1b5af7552479ac2769a27e2ed5ac6d86d4429d937770d26fa3fe4784978b586f2bafb0511a98a2eb8ef2b1d504a447bdfebe5
SSDEEP

3072:t4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:uiI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3eb233759eecc3f4e140cf43e975d4d4_JaffaCakes118
- Size
  
  165KB
- MD5
  
  3eb233759eecc3f4e140cf43e975d4d4
- SHA1
  
  006d35a47731769444face5cdad18f1be6917932
- SHA256
  
  a284a8048b019f5122b467e082850312c8d88a4724fe21385966026586b198e9
- SHA512
  
  839b130f10583fdcc1a9b2e22bf1b5af7552479ac2769a27e2ed5ac6d86d4429d937770d26fa3fe4784978b586f2bafb0511a98a2eb8ef2b1d504a447bdfebe5
- SSDEEP
  
  3072:t4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:uiI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2