9cf193c3028f4b63f0c6aba13b4bd0b1376d993f950a02ca45e49e039d3be8be | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bab181e92703a26d672661c95b5b079d_JaffaCakes118
Size

110KB
Sample

240823-g52rcazble
MD5

bab181e92703a26d672661c95b5b079d
SHA1

fb05b3a3cf48e0e893eb5f3ce7d14b0fbbcdc2e8
SHA256

9cf193c3028f4b63f0c6aba13b4bd0b1376d993f950a02ca45e49e039d3be8be
SHA512

b3aa75af13acdae5855946ab1cb0ed5939f084fd5fbeb3c6cf21f5e503b6b7d63590a0c6e35c1915da7903a830a6410b8518bb0223b4799282eb3ef6ff23029e
SSDEEP

1536:jAFV9Xa0whvy+EOvaEgp9oqfo3BWHA9wpR4iVHuX3nb391TAUB7iYdaMxkYFIy:jAv9qJvAibqPHWOJunb39SIZdrFIy

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  bab181e92703a26d672661c95b5b079d_JaffaCakes118
- Size
  
  110KB
- MD5
  
  bab181e92703a26d672661c95b5b079d
- SHA1
  
  fb05b3a3cf48e0e893eb5f3ce7d14b0fbbcdc2e8
- SHA256
  
  9cf193c3028f4b63f0c6aba13b4bd0b1376d993f950a02ca45e49e039d3be8be
- SHA512
  
  b3aa75af13acdae5855946ab1cb0ed5939f084fd5fbeb3c6cf21f5e503b6b7d63590a0c6e35c1915da7903a830a6410b8518bb0223b4799282eb3ef6ff23029e
- SSDEEP
  
  1536:jAFV9Xa0whvy+EOvaEgp9oqfo3BWHA9wpR4iVHuX3nb391TAUB7iYdaMxkYFIy:jAv9qJvAibqPHWOJunb39SIZdrFIy
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2