658c362b6e3fa059ab2e9be4da367db29ff75198560fed1c5a2677875ba4e229 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3099bbb0cd3766af2111e7a3f08dae1e_JaffaCakes118
Size

196KB
Sample

240709-qx8z5awgnl
MD5

3099bbb0cd3766af2111e7a3f08dae1e
SHA1

23960dcec5d12b03af1781fcd2f3cdfe7928b015
SHA256

658c362b6e3fa059ab2e9be4da367db29ff75198560fed1c5a2677875ba4e229
SHA512

1a571a7ae37bd36a047f8eb24259efe5aea3ee58bf346078c0c846d5c498ca6358371a50d5ed25aea00d2f9b40cf7697dca93e705fc321ad6270e69f3aaed4ac
SSDEEP

6144:usfK9sOJxaH0nGUNHiTBBJaN66Mo4Eg6DKkuIwc:usqZlnlJiTVkFuVc

Score

7^/10

Malware Config

Targets

- Target
  
  3099bbb0cd3766af2111e7a3f08dae1e_JaffaCakes118
- Size
  
  196KB
- MD5
  
  3099bbb0cd3766af2111e7a3f08dae1e
- SHA1
  
  23960dcec5d12b03af1781fcd2f3cdfe7928b015
- SHA256
  
  658c362b6e3fa059ab2e9be4da367db29ff75198560fed1c5a2677875ba4e229
- SHA512
  
  1a571a7ae37bd36a047f8eb24259efe5aea3ee58bf346078c0c846d5c498ca6358371a50d5ed25aea00d2f9b40cf7697dca93e705fc321ad6270e69f3aaed4ac
- SSDEEP
  
  6144:usfK9sOJxaH0nGUNHiTBBJaN66Mo4Eg6DKkuIwc:usqZlnlJiTVkFuVc
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2