221f9d4390be2ca82dfd4865020ae0452c88f27e3387ec9abb69fce807daf3d6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

555c963965dadb9e245fab1213c79fe0_JaffaCakes118
Size

163KB
Sample

241018-ejy28ayeqj
MD5

555c963965dadb9e245fab1213c79fe0
SHA1

f103f78ccd2de8ebb7192955414004f852b217e1
SHA256

221f9d4390be2ca82dfd4865020ae0452c88f27e3387ec9abb69fce807daf3d6
SHA512

796dd047def5428ddccb480ebaf2a3a1fd0b39c346bbc49abea60e985d59596ed3a2b11e021b8719394940bbd83afca51b642a5599431d5776087c74d2cc5d5e
SSDEEP

3072:X4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4K4:IiI/PlY37ZLF4Ca6WABqBOvsK4

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  555c963965dadb9e245fab1213c79fe0_JaffaCakes118
- Size
  
  163KB
- MD5
  
  555c963965dadb9e245fab1213c79fe0
- SHA1
  
  f103f78ccd2de8ebb7192955414004f852b217e1
- SHA256
  
  221f9d4390be2ca82dfd4865020ae0452c88f27e3387ec9abb69fce807daf3d6
- SHA512
  
  796dd047def5428ddccb480ebaf2a3a1fd0b39c346bbc49abea60e985d59596ed3a2b11e021b8719394940bbd83afca51b642a5599431d5776087c74d2cc5d5e
- SSDEEP
  
  3072:X4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4K4:IiI/PlY37ZLF4Ca6WABqBOvsK4
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2