7ca4aab2f2e0690cbbd65bd6670fb5271b5c8ed82e12ec4a0c61c444055314d6 | Triage

Sharing

General

Target

b27ed569ae1630c69c641c96fbf4e7d0_JaffaCakes118
Size

111KB
Sample

240821-hpsdeaydmm
MD5

b27ed569ae1630c69c641c96fbf4e7d0
SHA1

e7aea2e2f964365a32473687bf60ffa65d70c301
SHA256

7ca4aab2f2e0690cbbd65bd6670fb5271b5c8ed82e12ec4a0c61c444055314d6
SHA512

bef72ee6c5692853964632f8645fc55312f5fd2fbbf7fbdfa9ed4e86b9ebf9f50d4b011bca8d377077fce4d75af6a02e051f2b8e454fe23c762e2176f9ed7454
SSDEEP

3072:3emS6MwVQCGo4qiRlUE0aWQ4K9NIgjdswyMRFIb:qCGVLUE0a9RNIg2w0

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b27ed569ae1630c69c641c96fbf4e7d0_JaffaCakes118
- Size
  
  111KB
- MD5
  
  b27ed569ae1630c69c641c96fbf4e7d0
- SHA1
  
  e7aea2e2f964365a32473687bf60ffa65d70c301
- SHA256
  
  7ca4aab2f2e0690cbbd65bd6670fb5271b5c8ed82e12ec4a0c61c444055314d6
- SHA512
  
  bef72ee6c5692853964632f8645fc55312f5fd2fbbf7fbdfa9ed4e86b9ebf9f50d4b011bca8d377077fce4d75af6a02e051f2b8e454fe23c762e2176f9ed7454
- SSDEEP
  
  3072:3emS6MwVQCGo4qiRlUE0aWQ4K9NIgjdswyMRFIb:qCGVLUE0a9RNIg2w0
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2