268cb462d234a464e955ec6937bd0869852acf92de8b64ed130c2e880467980b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fdab3295c3887a56eb0c2b773aed0b14_JaffaCakes118
Size

6KB
Sample

240929-dgkldazfka
MD5

fdab3295c3887a56eb0c2b773aed0b14
SHA1

feee5afc274c7e829484f42538596f0858d0cebb
SHA256

268cb462d234a464e955ec6937bd0869852acf92de8b64ed130c2e880467980b
SHA512

9bf8009456a26a7f2afeff01197d29cee1044b851e71b8d6590fd800af46f3e17271bc85fb1b34964a18a435accd3c716c7ea90a185a21a59d10d68240042448
SSDEEP

96:wzssjFQoMcEA7d5DdglHxXqaRrcY0zS8Ev0O4gPL:oZQoMpsdkxRrc+8W1PL

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  fdab3295c3887a56eb0c2b773aed0b14_JaffaCakes118
- Size
  
  6KB
- MD5
  
  fdab3295c3887a56eb0c2b773aed0b14
- SHA1
  
  feee5afc274c7e829484f42538596f0858d0cebb
- SHA256
  
  268cb462d234a464e955ec6937bd0869852acf92de8b64ed130c2e880467980b
- SHA512
  
  9bf8009456a26a7f2afeff01197d29cee1044b851e71b8d6590fd800af46f3e17271bc85fb1b34964a18a435accd3c716c7ea90a185a21a59d10d68240042448
- SSDEEP
  
  96:wzssjFQoMcEA7d5DdglHxXqaRrcY0zS8Ev0O4gPL:oZQoMpsdkxRrc+8W1PL
Score

7^/10

discovery defense_evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

defense_evasiondiscovery