6a05b4b4b155f7de10e676b2c6d1284acf856e50f8e03392fd68545231079298 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7646d7fd8c777a2ec0d6d58a64171624_JaffaCakes118
Size

104KB
Sample

240726-3y9dhaweld
MD5

7646d7fd8c777a2ec0d6d58a64171624
SHA1

ceaf0246d41e4754d76682759420297d44a50c8d
SHA256

6a05b4b4b155f7de10e676b2c6d1284acf856e50f8e03392fd68545231079298
SHA512

e4effee7fc6af7b16680bc083048966af6c485d089054d3eb5b97c897c0ad0e9a619a3c62c75b49adfc028575694cf46c2f271edcf5fba588cba13a130d6c177
SSDEEP

768:cVztoYuuT/dxpEih0pMeJEh/tvJS9Qq+K0nPGpzB5Ha9h4EIb7FTSjgAh:cn5uqdALgtgTp0nPGpzm9h4d1OjgAh

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  7646d7fd8c777a2ec0d6d58a64171624_JaffaCakes118
- Size
  
  104KB
- MD5
  
  7646d7fd8c777a2ec0d6d58a64171624
- SHA1
  
  ceaf0246d41e4754d76682759420297d44a50c8d
- SHA256
  
  6a05b4b4b155f7de10e676b2c6d1284acf856e50f8e03392fd68545231079298
- SHA512
  
  e4effee7fc6af7b16680bc083048966af6c485d089054d3eb5b97c897c0ad0e9a619a3c62c75b49adfc028575694cf46c2f271edcf5fba588cba13a130d6c177
- SSDEEP
  
  768:cVztoYuuT/dxpEih0pMeJEh/tvJS9Qq+K0nPGpzB5Ha9h4EIb7FTSjgAh:cn5uqdALgtgTp0nPGpzm9h4d1OjgAh
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2