8a34dbb081c0768f372d83dd37dd9c83282e7498104bc5d8fc3bdfff5e43c088 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8272d2d53c9293fe7f3fafd55d3bad0d_JaffaCakes118
Size

8KB
Sample

240802-bgrctawfll
MD5

8272d2d53c9293fe7f3fafd55d3bad0d
SHA1

ac556ca61add4b74a99240ae5424095df7e4491c
SHA256

8a34dbb081c0768f372d83dd37dd9c83282e7498104bc5d8fc3bdfff5e43c088
SHA512

9b9b63d7fb4540b2813f5d4fbdb91d7fba3c58efc2d702cda336c5cb3ed80631262f67e29fa7f7902c516975f569c8891f8cfd58cb0b69ad45452bc89a533ff4
SSDEEP

192:IEBVSr1DHNuluNtnYYnHV2PTkn0CeHUE9:vVMzNuluNtnYoGTxCe9

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  8272d2d53c9293fe7f3fafd55d3bad0d_JaffaCakes118
- Size
  
  8KB
- MD5
  
  8272d2d53c9293fe7f3fafd55d3bad0d
- SHA1
  
  ac556ca61add4b74a99240ae5424095df7e4491c
- SHA256
  
  8a34dbb081c0768f372d83dd37dd9c83282e7498104bc5d8fc3bdfff5e43c088
- SHA512
  
  9b9b63d7fb4540b2813f5d4fbdb91d7fba3c58efc2d702cda336c5cb3ed80631262f67e29fa7f7902c516975f569c8891f8cfd58cb0b69ad45452bc89a533ff4
- SSDEEP
  
  192:IEBVSr1DHNuluNtnYYnHV2PTkn0CeHUE9:vVMzNuluNtnYoGTxCe9
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery