2d9e749f7e1cb56ce220ef2c180a0e025e84302159214355a760cee9064832ab | Triage

Sharing

General

Target

410ad9e6124a088783b636e030e343ec_JaffaCakes118
Size

164KB
Sample

241013-vkchlssann
MD5

410ad9e6124a088783b636e030e343ec
SHA1

d3a5a38dac3b848d6bc17ae429e60125badcff0a
SHA256

2d9e749f7e1cb56ce220ef2c180a0e025e84302159214355a760cee9064832ab
SHA512

d28802661c45cecab57ff1819cceb624b252477b0a97726ee82e12439ee5174cef5afd806ecbcdd59c4270b3a99f847e0f3360c89d3f0c9ee6d1d01086879137
SSDEEP

3072:wiSVipBoNdGhm5P+0he9xagDexm6UJdme3HgrLpbPJG5hc:riilhmIQODDHBJdmOHIFs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  410ad9e6124a088783b636e030e343ec_JaffaCakes118
- Size
  
  164KB
- MD5
  
  410ad9e6124a088783b636e030e343ec
- SHA1
  
  d3a5a38dac3b848d6bc17ae429e60125badcff0a
- SHA256
  
  2d9e749f7e1cb56ce220ef2c180a0e025e84302159214355a760cee9064832ab
- SHA512
  
  d28802661c45cecab57ff1819cceb624b252477b0a97726ee82e12439ee5174cef5afd806ecbcdd59c4270b3a99f847e0f3360c89d3f0c9ee6d1d01086879137
- SSDEEP
  
  3072:wiSVipBoNdGhm5P+0he9xagDexm6UJdme3HgrLpbPJG5hc:riilhmIQODDHBJdmOHIFs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2