1a619a2482a019500697913cfeaf8ead05b592ffc852099b96eebf07570bffaa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5379c4a2d1a3b55f3d558b81536f6803_JaffaCakes118
Size

72KB
Sample

241017-ys6m7stdja
MD5

5379c4a2d1a3b55f3d558b81536f6803
SHA1

927a51ef62580af652b18a406ea168b4accf0134
SHA256

1a619a2482a019500697913cfeaf8ead05b592ffc852099b96eebf07570bffaa
SHA512

f4617fff867f64f513a4e2f2f76f9c220fe3e9d2ee70ea9249eb6df9f38492ecd3b88e7f4b744a1f3a24c53bbb47cdf73f5e97d794a5172e5de745d948ca80e8
SSDEEP

768:9LO1iSFKkOCfJb4kHrgrTi6yBJJyNKJCviXDyiwSuo6zCNKVJ6:pG9irEJycA8Dy9Suo6zCC

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  5379c4a2d1a3b55f3d558b81536f6803_JaffaCakes118
- Size
  
  72KB
- MD5
  
  5379c4a2d1a3b55f3d558b81536f6803
- SHA1
  
  927a51ef62580af652b18a406ea168b4accf0134
- SHA256
  
  1a619a2482a019500697913cfeaf8ead05b592ffc852099b96eebf07570bffaa
- SHA512
  
  f4617fff867f64f513a4e2f2f76f9c220fe3e9d2ee70ea9249eb6df9f38492ecd3b88e7f4b744a1f3a24c53bbb47cdf73f5e97d794a5172e5de745d948ca80e8
- SSDEEP
  
  768:9LO1iSFKkOCfJb4kHrgrTi6yBJJyNKJCviXDyiwSuo6zCNKVJ6:pG9irEJycA8Dy9Suo6zCC
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2