ffe1a594844a49a7100daa754d1bbce5adaca4f3cde70230c98a9ba96b44d438 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f80486262c35ff8dd845f7114ead783_JaffaCakes118
Size

163KB
Sample

241013-m8yrratarc
MD5

3f80486262c35ff8dd845f7114ead783
SHA1

4e6e78cd80df8a60c53ccee1728492f0109e49c2
SHA256

ffe1a594844a49a7100daa754d1bbce5adaca4f3cde70230c98a9ba96b44d438
SHA512

bbfb4df4e025b8856623843312b0bbe1e9225c7933a0a970bf5180ebdf9013a993232458e926233830cdc87e4b10c7b4211b7f7b44eb428ef95e1415bcc82a6a
SSDEEP

3072:i4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez47:5iI/PlY37ZLF4Ca6WABqBOvs7

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3f80486262c35ff8dd845f7114ead783_JaffaCakes118
- Size
  
  163KB
- MD5
  
  3f80486262c35ff8dd845f7114ead783
- SHA1
  
  4e6e78cd80df8a60c53ccee1728492f0109e49c2
- SHA256
  
  ffe1a594844a49a7100daa754d1bbce5adaca4f3cde70230c98a9ba96b44d438
- SHA512
  
  bbfb4df4e025b8856623843312b0bbe1e9225c7933a0a970bf5180ebdf9013a993232458e926233830cdc87e4b10c7b4211b7f7b44eb428ef95e1415bcc82a6a
- SSDEEP
  
  3072:i4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez47:5iI/PlY37ZLF4Ca6WABqBOvs7
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2