aedcf3fbf86a541786a511b44fc21facd3882f457876d1bc52ee82e2411d1643 | Triage

Sharing

General

Target

bd9edcc0579c302dc9fb9989d32bdbbc_JaffaCakes118
Size

13.6MB
Sample

240824-adxvravejh
MD5

bd9edcc0579c302dc9fb9989d32bdbbc
SHA1

c260ff5a05cac4e8f9da5610665ac7157304b860
SHA256

aedcf3fbf86a541786a511b44fc21facd3882f457876d1bc52ee82e2411d1643
SHA512

ec49ce02455636339c8669d193047bb79e533a8c7337299aeec1a47d0c9049d587a764d315a963285d72c621fb11ab7c7eaae7ada673eed04b3f94a9826fba62
SSDEEP

1536:ouFtmwvPkXVFGkAAPSLoeb+uP4OTry+DsMZaHZKGsX:o8t/3klF1Ab+aa+D7Qw

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  bd9edcc0579c302dc9fb9989d32bdbbc_JaffaCakes118
- Size
  
  13.6MB
- MD5
  
  bd9edcc0579c302dc9fb9989d32bdbbc
- SHA1
  
  c260ff5a05cac4e8f9da5610665ac7157304b860
- SHA256
  
  aedcf3fbf86a541786a511b44fc21facd3882f457876d1bc52ee82e2411d1643
- SHA512
  
  ec49ce02455636339c8669d193047bb79e533a8c7337299aeec1a47d0c9049d587a764d315a963285d72c621fb11ab7c7eaae7ada673eed04b3f94a9826fba62
- SSDEEP
  
  1536:ouFtmwvPkXVFGkAAPSLoeb+uP4OTry+DsMZaHZKGsX:o8t/3klF1Ab+aa+D7Qw
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery