8f67701c81cf0c462520ef6d359b8229a638dea170e5473575c61d7edc492d60 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

825f2aede99c29132f490693ae6a9b69_JaffaCakes118
Size

52KB
Sample

240802-a1hz4svfpk
MD5

825f2aede99c29132f490693ae6a9b69
SHA1

892e60f0ed8700d476bbf5aa19c85e25b3681e8b
SHA256

8f67701c81cf0c462520ef6d359b8229a638dea170e5473575c61d7edc492d60
SHA512

40522c7b817a85d0259f0ca73e8146710e6db25904e4c039736ec4b9b1a85b6c0ad13810551758439d541a9f329d2f2e9dbfc150be11d037c5b138aaa78e19df
SSDEEP

768:c7iNnL5HecEIINchrD3iEaTeYGeRt6c/Ld4seunjfdZ0Xv1aeWVohZ7Avh/PvW:1kKtDytXGeLDd4EZ0Xv1ouZsvV

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  825f2aede99c29132f490693ae6a9b69_JaffaCakes118
- Size
  
  52KB
- MD5
  
  825f2aede99c29132f490693ae6a9b69
- SHA1
  
  892e60f0ed8700d476bbf5aa19c85e25b3681e8b
- SHA256
  
  8f67701c81cf0c462520ef6d359b8229a638dea170e5473575c61d7edc492d60
- SHA512
  
  40522c7b817a85d0259f0ca73e8146710e6db25904e4c039736ec4b9b1a85b6c0ad13810551758439d541a9f329d2f2e9dbfc150be11d037c5b138aaa78e19df
- SSDEEP
  
  768:c7iNnL5HecEIINchrD3iEaTeYGeRt6c/Ld4seunjfdZ0Xv1aeWVohZ7Avh/PvW:1kKtDytXGeLDd4EZ0Xv1ouZsvV
Score

7^/10

discovery evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan