e08043755269f6905b0042d9ab8db218d3a64b20ee72305e0beb337a82d06ae8 | Triage

Sharing

General

Target

07d0c2dca5e733ac8e3617f80cb8809e_JaffaCakes118
Size

41KB
Sample

241001-27ls5ayhrf
MD5

07d0c2dca5e733ac8e3617f80cb8809e
SHA1

ff752513bfb17eff79214813c15622613e946ed1
SHA256

e08043755269f6905b0042d9ab8db218d3a64b20ee72305e0beb337a82d06ae8
SHA512

d15ef1432dad50b51a41e1c361e25d8b3a5ec52084957af26d9e700a896cd3a99c15b0d06eabd4e127a76150a5e1bf6009bc2c2f016ae4795cb29abbdc99e7a1
SSDEEP

768:QGBar1ZIZYnfI9opm6AIHIjaI7g9mVmUnAoNE/W5dRV8:fW1ZIZqI9opm6AIHIjzmUZNzd

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  07d0c2dca5e733ac8e3617f80cb8809e_JaffaCakes118
- Size
  
  41KB
- MD5
  
  07d0c2dca5e733ac8e3617f80cb8809e
- SHA1
  
  ff752513bfb17eff79214813c15622613e946ed1
- SHA256
  
  e08043755269f6905b0042d9ab8db218d3a64b20ee72305e0beb337a82d06ae8
- SHA512
  
  d15ef1432dad50b51a41e1c361e25d8b3a5ec52084957af26d9e700a896cd3a99c15b0d06eabd4e127a76150a5e1bf6009bc2c2f016ae4795cb29abbdc99e7a1
- SSDEEP
  
  768:QGBar1ZIZYnfI9opm6AIHIjaI7g9mVmUnAoNE/W5dRV8:fW1ZIZqI9opm6AIHIjzmUZNzd
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery