d2aa4f9d6264bebd0bd727f872f81bc1211caf8ddbc0486812cce307806fb52b | Triage

Sharing

General

Target

bcd84f4d5b259a74fa23fef45a79d004_JaffaCakes118
Size

11KB
Sample

240823-xx6nbstenp
MD5

bcd84f4d5b259a74fa23fef45a79d004
SHA1

6d630da11ecf4d20f6312948a4ac1dd5411ac4a9
SHA256

d2aa4f9d6264bebd0bd727f872f81bc1211caf8ddbc0486812cce307806fb52b
SHA512

2b79b5aef45235d26e17ec29edf235f8e6b3ed8f64fc45f109dc7b795ec92e1c202153131f00b106d3f482f80f23f23c163f61f6b31cee7e2161ff4aeb7a5b30
SSDEEP

192:l8tWLJ3YcEpiNxsbROWxES7WV9mWGECIsWIGBW4B:lMW13YcOiklOWxEuWV9mrEoWIGBWm

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  bcd84f4d5b259a74fa23fef45a79d004_JaffaCakes118
- Size
  
  11KB
- MD5
  
  bcd84f4d5b259a74fa23fef45a79d004
- SHA1
  
  6d630da11ecf4d20f6312948a4ac1dd5411ac4a9
- SHA256
  
  d2aa4f9d6264bebd0bd727f872f81bc1211caf8ddbc0486812cce307806fb52b
- SHA512
  
  2b79b5aef45235d26e17ec29edf235f8e6b3ed8f64fc45f109dc7b795ec92e1c202153131f00b106d3f482f80f23f23c163f61f6b31cee7e2161ff4aeb7a5b30
- SSDEEP
  
  192:l8tWLJ3YcEpiNxsbROWxES7WV9mWGECIsWIGBW4B:lMW13YcOiklOWxEuWV9mrEoWIGBWm
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery