8d9157401eaf15dfc0308749474c5a9f44ed2795b16c56afee089535a3f99b93 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52a3d4d647b2d7b97ec5b9b4fc96d311_JaffaCakes118
Size

165KB
Sample

241017-t2tb1sxgrk
MD5

52a3d4d647b2d7b97ec5b9b4fc96d311
SHA1

77d7a6bcad93b7179da2f97080fbc388288d6b14
SHA256

8d9157401eaf15dfc0308749474c5a9f44ed2795b16c56afee089535a3f99b93
SHA512

18c508db99817f11905cdfc3e8d011e4d981b4550c0e032cf4805d7eff7280f49ac08e8d9b94ee63d59be9372d677e7bd7f0ffc0957f63c69cec8298ca1718ef
SSDEEP

3072:A4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:fiI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  52a3d4d647b2d7b97ec5b9b4fc96d311_JaffaCakes118
- Size
  
  165KB
- MD5
  
  52a3d4d647b2d7b97ec5b9b4fc96d311
- SHA1
  
  77d7a6bcad93b7179da2f97080fbc388288d6b14
- SHA256
  
  8d9157401eaf15dfc0308749474c5a9f44ed2795b16c56afee089535a3f99b93
- SHA512
  
  18c508db99817f11905cdfc3e8d011e4d981b4550c0e032cf4805d7eff7280f49ac08e8d9b94ee63d59be9372d677e7bd7f0ffc0957f63c69cec8298ca1718ef
- SSDEEP
  
  3072:A4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:fiI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2