7a76dffeda75e1ad5fe093debcf71dc0bf3d04cb3f3a1d25ce04918da208506f | Triage

Sharing

General

Target

86d6d186dab67bb15ac12d4e786b766c_JaffaCakes118
Size

31KB
Sample

240810-t59s6sxhmp
MD5

86d6d186dab67bb15ac12d4e786b766c
SHA1

8665449bcfbb6f9b06b5e699f15763dd66d83457
SHA256

7a76dffeda75e1ad5fe093debcf71dc0bf3d04cb3f3a1d25ce04918da208506f
SHA512

7f1cf9582709f5a77443f5bbf7c7e019f3421f5beb9a11a2e65f37041fc7327d1eb3d477dbeaa76748a42c664dcf9d94c7ee562ece2c024afe029bdbbe44937d
SSDEEP

768:wNp5YCUlunh7EjKJEVYW5uGOIoqIlZF+j:i5YdghUKGVY+alq1

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  86d6d186dab67bb15ac12d4e786b766c_JaffaCakes118
- Size
  
  31KB
- MD5
  
  86d6d186dab67bb15ac12d4e786b766c
- SHA1
  
  8665449bcfbb6f9b06b5e699f15763dd66d83457
- SHA256
  
  7a76dffeda75e1ad5fe093debcf71dc0bf3d04cb3f3a1d25ce04918da208506f
- SHA512
  
  7f1cf9582709f5a77443f5bbf7c7e019f3421f5beb9a11a2e65f37041fc7327d1eb3d477dbeaa76748a42c664dcf9d94c7ee562ece2c024afe029bdbbe44937d
- SSDEEP
  
  768:wNp5YCUlunh7EjKJEVYW5uGOIoqIlZF+j:i5YdghUKGVY+alq1
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery