fd11c08cb75dc2404f2fd08cba8177ab1e3aa1c628ee491716dfd44d1b5acb81 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

551bd42e03be5a35d68b369add02a651_JaffaCakes118
Size

165KB
Sample

241018-dgnysstana
MD5

551bd42e03be5a35d68b369add02a651
SHA1

3f8977b553e4442975ad9007b0c65fe8728ec5b8
SHA256

fd11c08cb75dc2404f2fd08cba8177ab1e3aa1c628ee491716dfd44d1b5acb81
SHA512

6c36752c102bc7f4292df68dd91a7eadcb2c53891eef32c5db214505485e4a1042c35c4006654bcf8907318245667d637b9276f5dac56df2f34d0e1bdb15612a
SSDEEP

3072:J4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:CiI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  551bd42e03be5a35d68b369add02a651_JaffaCakes118
- Size
  
  165KB
- MD5
  
  551bd42e03be5a35d68b369add02a651
- SHA1
  
  3f8977b553e4442975ad9007b0c65fe8728ec5b8
- SHA256
  
  fd11c08cb75dc2404f2fd08cba8177ab1e3aa1c628ee491716dfd44d1b5acb81
- SHA512
  
  6c36752c102bc7f4292df68dd91a7eadcb2c53891eef32c5db214505485e4a1042c35c4006654bcf8907318245667d637b9276f5dac56df2f34d0e1bdb15612a
- SSDEEP
  
  3072:J4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4:CiI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2