04e4400c4169b503b1445350e00492aa24fdff4cfaf06f2f6f81548ad64953c1 | Triage

Sharing

General

Target

6fb041ac520b3d6b6b517046834e6795_JaffaCakes118
Size

255KB
Sample

240725-qatlxsshrh
MD5

6fb041ac520b3d6b6b517046834e6795
SHA1

7522f70a4fdc153a3c2deb87c9a703b4e1bd13b6
SHA256

04e4400c4169b503b1445350e00492aa24fdff4cfaf06f2f6f81548ad64953c1
SHA512

2c80b1628aeddc459a010ffab4b7b1a277a16c8943de459c721cbf49f41293ba46da9343fcee9c4a020c4b9a5aedc61af1774fa9ff5e6377f334412e21f8a7b9
SSDEEP

3072:YZQkhpYP2qAD81qMRQTpoZN2VmSubsZoyKHA2gE:YZQkz1quKQ94scA2gE

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  6fb041ac520b3d6b6b517046834e6795_JaffaCakes118
- Size
  
  255KB
- MD5
  
  6fb041ac520b3d6b6b517046834e6795
- SHA1
  
  7522f70a4fdc153a3c2deb87c9a703b4e1bd13b6
- SHA256
  
  04e4400c4169b503b1445350e00492aa24fdff4cfaf06f2f6f81548ad64953c1
- SHA512
  
  2c80b1628aeddc459a010ffab4b7b1a277a16c8943de459c721cbf49f41293ba46da9343fcee9c4a020c4b9a5aedc61af1774fa9ff5e6377f334412e21f8a7b9
- SSDEEP
  
  3072:YZQkhpYP2qAD81qMRQTpoZN2VmSubsZoyKHA2gE:YZQkz1quKQ94scA2gE
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2