de170410677cba3d0bfb2730d3a57698d145d746db9017a00d90f40c2d00ba62 | Triage

Sharing

General

Target

023348ca4e4f3ccf2383fbabde18ade2_JaffaCakes118
Size

80KB
Sample

240930-tlqk7ayame
MD5

023348ca4e4f3ccf2383fbabde18ade2
SHA1

57b9fa02b972199eba688454bc8aea6232636c19
SHA256

de170410677cba3d0bfb2730d3a57698d145d746db9017a00d90f40c2d00ba62
SHA512

60b2dbb5b4f46e90aea5db7196596e443aa333adc315db400495effba9671cefc186742c1bf20c9c8f16f0c3b36d589ba82c3bac8770e817abdc4efd0a6efc29
SSDEEP

1536:UoQGmXxgtpRKZbKv8siTALAao/gBuH/tHsm:4/KpRTn72SM

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  023348ca4e4f3ccf2383fbabde18ade2_JaffaCakes118
- Size
  
  80KB
- MD5
  
  023348ca4e4f3ccf2383fbabde18ade2
- SHA1
  
  57b9fa02b972199eba688454bc8aea6232636c19
- SHA256
  
  de170410677cba3d0bfb2730d3a57698d145d746db9017a00d90f40c2d00ba62
- SHA512
  
  60b2dbb5b4f46e90aea5db7196596e443aa333adc315db400495effba9671cefc186742c1bf20c9c8f16f0c3b36d589ba82c3bac8770e817abdc4efd0a6efc29
- SSDEEP
  
  1536:UoQGmXxgtpRKZbKv8siTALAao/gBuH/tHsm:4/KpRTn72SM
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2