6177aaa2e6344df0a1795dbbd193392ee16fe197a99a224fbe59388442ef3391 | Triage

Sharing

General

Target

73bd9350e8eecb808e39a69aa46fb300_JaffaCakes118
Size

64KB
Sample

240726-myhmsatbkk
MD5

73bd9350e8eecb808e39a69aa46fb300
SHA1

ca8fa9928eaa7f541465a91257747b19ec53323e
SHA256

6177aaa2e6344df0a1795dbbd193392ee16fe197a99a224fbe59388442ef3391
SHA512

af1a85907bb7ba6ce18797ccefe2931678ebcfd765c0836c8d97f27fac66fa8c2db8e75b0934969adbc93cbc913c6f62753bb0a087906e3718faf8c8517bce85
SSDEEP

768:AVjeRIvJC8prktrRpSKB3oGch8/xSbQiQ2ensX5Bu02gvvCfqXt3BNk:wfk8pAtzSKoza/cA2pv1gfqbNk

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  73bd9350e8eecb808e39a69aa46fb300_JaffaCakes118
- Size
  
  64KB
- MD5
  
  73bd9350e8eecb808e39a69aa46fb300
- SHA1
  
  ca8fa9928eaa7f541465a91257747b19ec53323e
- SHA256
  
  6177aaa2e6344df0a1795dbbd193392ee16fe197a99a224fbe59388442ef3391
- SHA512
  
  af1a85907bb7ba6ce18797ccefe2931678ebcfd765c0836c8d97f27fac66fa8c2db8e75b0934969adbc93cbc913c6f62753bb0a087906e3718faf8c8517bce85
- SSDEEP
  
  768:AVjeRIvJC8prktrRpSKB3oGch8/xSbQiQ2ensX5Bu02gvvCfqXt3BNk:wfk8pAtzSKoza/cA2pv1gfqbNk
Score

7^/10

discovery defense_evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

defense_evasiondiscovery