e979ccdbdfa052fecfb83fba3995ef3f10ba37311e162bbd62f7572107d2aad2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c90cf329caf375936938174c676b42c8_JaffaCakes118
Size

467KB
Sample

240829-sb456axfjf
MD5

c90cf329caf375936938174c676b42c8
SHA1

d41dbece3723274159aa0b43dda35ec6cfa3c66f
SHA256

e979ccdbdfa052fecfb83fba3995ef3f10ba37311e162bbd62f7572107d2aad2
SHA512

212021852986697a6ac973b12901fc79b7bc82012b74d246a0a363d98c565bc8f87fad2b7d58c44fe4a5bb9be51f3f4605cf64463a51b28450a31ab35339ac2d
SSDEEP

12288:M/PPS4CrMIL/KDye9jYOJPU+sFyDDLT/AxjnEobdBJlP:MHPS4CrMIL/KDye9jYOJPU+SyDnTmbEy

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  c90cf329caf375936938174c676b42c8_JaffaCakes118
- Size
  
  467KB
- MD5
  
  c90cf329caf375936938174c676b42c8
- SHA1
  
  d41dbece3723274159aa0b43dda35ec6cfa3c66f
- SHA256
  
  e979ccdbdfa052fecfb83fba3995ef3f10ba37311e162bbd62f7572107d2aad2
- SHA512
  
  212021852986697a6ac973b12901fc79b7bc82012b74d246a0a363d98c565bc8f87fad2b7d58c44fe4a5bb9be51f3f4605cf64463a51b28450a31ab35339ac2d
- SSDEEP
  
  12288:M/PPS4CrMIL/KDye9jYOJPU+sFyDDLT/AxjnEobdBJlP:MHPS4CrMIL/KDye9jYOJPU+SyDnTmbEy
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2