993f686da6edb121fb417083772154c3d2c3d78f4ea708ce2b01b7cb3ae06192 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2c1fe9bb63be2bc1c44c6a54975622b_JaffaCakes118
Size

93KB
Sample

240817-qzcppsybka
MD5

a2c1fe9bb63be2bc1c44c6a54975622b
SHA1

6a2499f45cc327aeaadb3961b5275c33201d557b
SHA256

993f686da6edb121fb417083772154c3d2c3d78f4ea708ce2b01b7cb3ae06192
SHA512

1766ae0d30de4ff5b8be3877b455be0201cb97649b0d5bdd3cb305783b6f38780668f6b381d2e98b0f5e62bf67324a17eb7b0399b61eb42f2e11685711cf32a5
SSDEEP

768:cmB0YtYKXjOmPAirWttptd7t2tt5ttOttUttkttGttittFttgttNttpttdYtt9tU:eYXciqYqWew

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  a2c1fe9bb63be2bc1c44c6a54975622b_JaffaCakes118
- Size
  
  93KB
- MD5
  
  a2c1fe9bb63be2bc1c44c6a54975622b
- SHA1
  
  6a2499f45cc327aeaadb3961b5275c33201d557b
- SHA256
  
  993f686da6edb121fb417083772154c3d2c3d78f4ea708ce2b01b7cb3ae06192
- SHA512
  
  1766ae0d30de4ff5b8be3877b455be0201cb97649b0d5bdd3cb305783b6f38780668f6b381d2e98b0f5e62bf67324a17eb7b0399b61eb42f2e11685711cf32a5
- SSDEEP
  
  768:cmB0YtYKXjOmPAirWttptd7t2tt5ttOttUttkttGttittFttgttNttpttdYtt9tU:eYXciqYqWew
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery