5f88c33d0660602a5618aebce596ebded60d55fc4bcbaac1871dce8abe84c9c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6ee676bbc20a7fcbde856fd1576a5b5_JaffaCakes118
Size

77KB
Sample

240925-1s1s3ashkd
MD5

f6ee676bbc20a7fcbde856fd1576a5b5
SHA1

ac6102094efc9ebbdcffa17f2f795dd7b34d76aa
SHA256

5f88c33d0660602a5618aebce596ebded60d55fc4bcbaac1871dce8abe84c9c5
SHA512

27da41f3999224a2c6be2246a8d3bacb1f67453935b64e9d25b93065e0c105535fb60f70d4026bf20e77bd5e5164950d2d74027e7ed055372c973b33e5783717
SSDEEP

1536:tFXPgRBJgXzlS2o3YLH0QxccjJ6+zKRuon4oSGqEW8VPbqWL4tMDDX:t1EBJgXzxo38H0Qxc6J6OKxn4lGqyNbt

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  f6ee676bbc20a7fcbde856fd1576a5b5_JaffaCakes118
- Size
  
  77KB
- MD5
  
  f6ee676bbc20a7fcbde856fd1576a5b5
- SHA1
  
  ac6102094efc9ebbdcffa17f2f795dd7b34d76aa
- SHA256
  
  5f88c33d0660602a5618aebce596ebded60d55fc4bcbaac1871dce8abe84c9c5
- SHA512
  
  27da41f3999224a2c6be2246a8d3bacb1f67453935b64e9d25b93065e0c105535fb60f70d4026bf20e77bd5e5164950d2d74027e7ed055372c973b33e5783717
- SSDEEP
  
  1536:tFXPgRBJgXzlS2o3YLH0QxccjJ6+zKRuon4oSGqEW8VPbqWL4tMDDX:t1EBJgXzxo38H0Qxc6J6OKxn4lGqyNbt
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  99bc22826a0568dce241be3a4ffd0c0d
- SHA1
  
  62e4662250abdf10d23a61076fd7cbd00a5c5b6f
- SHA256
  
  120e4fac0538b7e7b75934706668063a4e7785d0405dca43fde36d55f6d968de
- SHA512
  
  35b016b6e2dc850e5432becd57f35faf73b180c0a6f822a406cf9d5439a87126c41c49aac025cdeecd38bbd01705ddbd8c217cb33134e978ecc9624053b52be9
- SSDEEP
  
  384:sKlm7i+c3QW6ckPhyDEaLnr2bbBBIXwZ:5qi8BcyhEhLCbbTI
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/Loader.dll
- Size
  
  12KB
- MD5
  
  cdb34032ee77bc27e0fa63a5f7193d67
- SHA1
  
  c8b656a759dc195b5f18304c6a891fc99332633a
- SHA256
  
  2c81b302660bd106c7e34c6c4eb990756a63713785658b9553a1a3cf9fc784f3
- SHA512
  
  a6617ea4bbbfd74664390706752a482c7557c7e960023ef94cce5f3eb182d2b47c9f108c0daa61b0fef79b951f4c3fc18b19581e5e5cce097b201d05e7969238
- SSDEEP
  
  96:AE0j2lHOklGWpRQdgKTWmuZn8o9dV0Ah1OqmA3YQ5+kgtO2j9K9dKFmx:AEVlGuRVKTro8o9dV06mKKF6dKFm
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  ecodec.exe
- Size
  
  20KB
- MD5
  
  1a903452323d53dcdde9f84b9c861cfd
- SHA1
  
  fd0c5332f18e813676165f3b50cac61d5b9305e3
- SHA256
  
  9b3d972e15b625367e7737238891a789fe98e99c6a03faa25bd67d16459e59a5
- SHA512
  
  a7d71d8f41102a09126976e96409a0ca8c0ebe664378ca781cd9ccd631ad156e2a8e80ef3daeeb4f6ec49188022eb56a01e534ce76b0ae47f4190585d0aac785
- SSDEEP
  
  384:IibhcmwBpLN4o47+7CLm+fUnzIxLFSNQHVOc2oOrmydA/y9yL4/AjtXdwY:Ii9AGsh+fUUxwQgc8fP9k3jwY
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral7 behavioral8
- Target
  
  uninst.exe
- Size
  
  37KB
- MD5
  
  ccd2f78657e8eee813f1f73dd55052c9
- SHA1
  
  752c8fae6799b320300ad90812e7358618594b14
- SHA256
  
  e76c763d906d88e28c08b54008e8d6e45e790d3d8da6e7b068fd987f6d3fef93
- SHA512
  
  6320533afedb1994ea1e4f2c2980ef8e36408d4ad39370e70196aa8a03ee13313e6d11f51a764ba0d77569d8ccd54f823b1c3f80f10926bf9c06e4b7a83cfb1d
- SSDEEP
  
  768:lXYMqEWsXngRBOmBSXzDsnkUr2RaNp/KPba7Qxcc09bftgo:tFXPgRBJgXzlS2o3yP0Qxcc09j6o
Score

3^/10

discovery
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

defense_evasiondiscovery

behavioral8

defense_evasiondiscovery

behavioral9

behavioral10