c0c7ada3ed84c4868a819495c8eaffd40590603562774f114b993d6daeae7455 | Triage

Sharing

General

Target

0cfc0b7c1944b60c47ec68044296df9d_JaffaCakes118
Size

66KB
Sample

241002-3ycpjaxdkb
MD5

0cfc0b7c1944b60c47ec68044296df9d
SHA1

c08635d9f26efe6603c4bec0dcf43df71fee2829
SHA256

c0c7ada3ed84c4868a819495c8eaffd40590603562774f114b993d6daeae7455
SHA512

5a2296c9bcdefa015ab58eeab3cf29a1a3fba1feab2ffc8e77d2c1d0a6065dd9d5d4c31a013ff8dbe9c515121f1b130ad8fe0801487960baca8703f639e877bc
SSDEEP

1536:hHzOyM5tJjMyusNYyj5OeHq9/q2ru2uI50CsNdyukfP:RzLWuQOpzr3vsNYFfP

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  0cfc0b7c1944b60c47ec68044296df9d_JaffaCakes118
- Size
  
  66KB
- MD5
  
  0cfc0b7c1944b60c47ec68044296df9d
- SHA1
  
  c08635d9f26efe6603c4bec0dcf43df71fee2829
- SHA256
  
  c0c7ada3ed84c4868a819495c8eaffd40590603562774f114b993d6daeae7455
- SHA512
  
  5a2296c9bcdefa015ab58eeab3cf29a1a3fba1feab2ffc8e77d2c1d0a6065dd9d5d4c31a013ff8dbe9c515121f1b130ad8fe0801487960baca8703f639e877bc
- SSDEEP
  
  1536:hHzOyM5tJjMyusNYyj5OeHq9/q2ru2uI50CsNdyukfP:RzLWuQOpzr3vsNYFfP
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery