7acc142b88a8b3b61f827aa0c5b7dae4bc1eca72ef8f8e50f833ec2e8d48bd2a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb31ac3a4299c5e30ebb5a3df7c226cc_JaffaCakes118
Size

68KB
Sample

240928-a326rszhka
MD5

fb31ac3a4299c5e30ebb5a3df7c226cc
SHA1

c00e4fe8461e28912b4359a798b0764b1602da64
SHA256

7acc142b88a8b3b61f827aa0c5b7dae4bc1eca72ef8f8e50f833ec2e8d48bd2a
SHA512

8239015817d10905ffe4ea8b999f6682d18237d81bb8e0cd8201c20c71448d87a828106f6f9a738295bbef18583c68b811e92c021cacefc934b35b13903250b4
SSDEEP

1536:CA/dQEfKpgqulUoR5nnbcumnz/WQYynJN6:CA/dQEfKpOtb0pYynJN6

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  fb31ac3a4299c5e30ebb5a3df7c226cc_JaffaCakes118
- Size
  
  68KB
- MD5
  
  fb31ac3a4299c5e30ebb5a3df7c226cc
- SHA1
  
  c00e4fe8461e28912b4359a798b0764b1602da64
- SHA256
  
  7acc142b88a8b3b61f827aa0c5b7dae4bc1eca72ef8f8e50f833ec2e8d48bd2a
- SHA512
  
  8239015817d10905ffe4ea8b999f6682d18237d81bb8e0cd8201c20c71448d87a828106f6f9a738295bbef18583c68b811e92c021cacefc934b35b13903250b4
- SSDEEP
  
  1536:CA/dQEfKpgqulUoR5nnbcumnz/WQYynJN6:CA/dQEfKpOtb0pYynJN6
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery