786fcd8b2594950a4a96901d0a81106f56a588e2f3e385fb4dd28cbc00bf78a2 | Triage

Sharing

General

Target

06899b6c8b69a5bef68860ab6189454a_JaffaCakes118
Size

324KB
Sample

241001-tzwdlayhkj
MD5

06899b6c8b69a5bef68860ab6189454a
SHA1

26c1b20edaf009456294160b54188c5ca65ea001
SHA256

786fcd8b2594950a4a96901d0a81106f56a588e2f3e385fb4dd28cbc00bf78a2
SHA512

9c1bf8c304b9c2d0560f5ef0e4f9adbbbb4b817dab726817f18bc26fd9366c432dd81122636658350b0501a1e24e600ae5c77a7ced0cca1637bdcd72e7ea5f65
SSDEEP

1536:tOJVn4JLlfLJ0UYFqeXx57B4JN5eCD8SlNDSSvHFRiCCVGCWPaeSe+eooOoaoCox:QV4JLlfLIl7B4JN5eI4y

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  06899b6c8b69a5bef68860ab6189454a_JaffaCakes118
- Size
  
  324KB
- MD5
  
  06899b6c8b69a5bef68860ab6189454a
- SHA1
  
  26c1b20edaf009456294160b54188c5ca65ea001
- SHA256
  
  786fcd8b2594950a4a96901d0a81106f56a588e2f3e385fb4dd28cbc00bf78a2
- SHA512
  
  9c1bf8c304b9c2d0560f5ef0e4f9adbbbb4b817dab726817f18bc26fd9366c432dd81122636658350b0501a1e24e600ae5c77a7ced0cca1637bdcd72e7ea5f65
- SSDEEP
  
  1536:tOJVn4JLlfLJ0UYFqeXx57B4JN5eCD8SlNDSSvHFRiCCVGCWPaeSe+eooOoaoCox:QV4JLlfLIl7B4JN5eI4y
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2