152e4afaa9cd11d5e8e9d7884d8116f938270c3ff13703b493d7c476f1a55618 | Triage

Sharing

General

Target

ac8be71418f6b67e0a8ffc0d069e1549_JaffaCakes118
Size

204KB
Sample

240615-cl4dlswbmf
MD5

ac8be71418f6b67e0a8ffc0d069e1549
SHA1

7ef023bd02b09eb5bff53959b464ac6d9f554a95
SHA256

152e4afaa9cd11d5e8e9d7884d8116f938270c3ff13703b493d7c476f1a55618
SHA512

521ec152d12df37a0fad700f29877121151ecd4ce897cba03ed4186df8cb6ff8f809a30e52d50dd37d8c250776572eb046bdd8ff4ea909c6c901cca2dd4179a8
SSDEEP

6144:h0Awt4S0ZJrhsmWP5CjHJO16u6tTBjtOwBHQV:h0PtD2Jrh+P5Cj3u6tTlO

Score

7^/10

Malware Config

Targets

- Target
  
  ac8be71418f6b67e0a8ffc0d069e1549_JaffaCakes118
- Size
  
  204KB
- MD5
  
  ac8be71418f6b67e0a8ffc0d069e1549
- SHA1
  
  7ef023bd02b09eb5bff53959b464ac6d9f554a95
- SHA256
  
  152e4afaa9cd11d5e8e9d7884d8116f938270c3ff13703b493d7c476f1a55618
- SHA512
  
  521ec152d12df37a0fad700f29877121151ecd4ce897cba03ed4186df8cb6ff8f809a30e52d50dd37d8c250776572eb046bdd8ff4ea909c6c901cca2dd4179a8
- SSDEEP
  
  6144:h0Awt4S0ZJrhsmWP5CjHJO16u6tTBjtOwBHQV:h0PtD2Jrh+P5Cj3u6tTlO
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2