1fee0b82926074d62adbf43321933b28227dd82d278fd536dff6a78b354569f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f6483e63b1f4b1885c284ff30fadc85_JaffaCakes118
Size

72KB
Sample

241013-mr5hzasdjh
MD5

3f6483e63b1f4b1885c284ff30fadc85
SHA1

f4a4ac92045737d561d72db9a9f5ac51290cfbce
SHA256

1fee0b82926074d62adbf43321933b28227dd82d278fd536dff6a78b354569f7
SHA512

43bfafd0d1adfaeda4e13f3d40a5acc5b85db14ebc0b916129ff771174da70a71cfd3bb6d0a1c4fb9d03a7c285b6c90ece9bfcff8dedb148b7ae53d206f4087f
SSDEEP

768:96s1iSWKkOCfJb4kHrgrTi6yBJJyNKJCviXDyiwSuo6zCNKVgq:wUGirEJycA8Dy9Suo6zC/

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3f6483e63b1f4b1885c284ff30fadc85_JaffaCakes118
- Size
  
  72KB
- MD5
  
  3f6483e63b1f4b1885c284ff30fadc85
- SHA1
  
  f4a4ac92045737d561d72db9a9f5ac51290cfbce
- SHA256
  
  1fee0b82926074d62adbf43321933b28227dd82d278fd536dff6a78b354569f7
- SHA512
  
  43bfafd0d1adfaeda4e13f3d40a5acc5b85db14ebc0b916129ff771174da70a71cfd3bb6d0a1c4fb9d03a7c285b6c90ece9bfcff8dedb148b7ae53d206f4087f
- SSDEEP
  
  768:96s1iSWKkOCfJb4kHrgrTi6yBJJyNKJCviXDyiwSuo6zCNKVgq:wUGirEJycA8Dy9Suo6zC/
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2