eaea386fdc99da892851dd80aad7751034fa1a41e05c3196c45997892e434bb6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3463c506507899aa374d5085fd569490_JaffaCakes118
Size

172KB
Sample

240511-npsxtsec7v
MD5

3463c506507899aa374d5085fd569490
SHA1

76268402d628ac9394df29a110118eac88bb3a4f
SHA256

eaea386fdc99da892851dd80aad7751034fa1a41e05c3196c45997892e434bb6
SHA512

645ebdf23f0db83869cc5589d01892a5bc06783dd32e14de90d6b5b6e7aad2c99f46b2f7d39a786e85212c01aa4cdbdea8668f19412ed699c922672e0af9cdad
SSDEEP

1536:bZZFv9d/ykLOQugmAhUfbfx3FGKyfJ8LirrJQfkyNbQBkUmbdgBGhFLA:13rq0dwlFZLi6frbQBknbdQoFLA

Score

7^/10

Malware Config

Targets

- Target
  
  3463c506507899aa374d5085fd569490_JaffaCakes118
- Size
  
  172KB
- MD5
  
  3463c506507899aa374d5085fd569490
- SHA1
  
  76268402d628ac9394df29a110118eac88bb3a4f
- SHA256
  
  eaea386fdc99da892851dd80aad7751034fa1a41e05c3196c45997892e434bb6
- SHA512
  
  645ebdf23f0db83869cc5589d01892a5bc06783dd32e14de90d6b5b6e7aad2c99f46b2f7d39a786e85212c01aa4cdbdea8668f19412ed699c922672e0af9cdad
- SSDEEP
  
  1536:bZZFv9d/ykLOQugmAhUfbfx3FGKyfJ8LirrJQfkyNbQBkUmbdgBGhFLA:13rq0dwlFZLi6frbQBknbdQoFLA
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2