f44a3de38981562a81661aa37e92cbd1c4fe23c7aed1d7bddca24fe0fd2898fd | Triage

Sharing

General

Target

115cb1c12dface7508952f7b147b667e_JaffaCakes118
Size

18KB
Sample

241004-cd5ayaybnq
MD5

115cb1c12dface7508952f7b147b667e
SHA1

d6168402c07b44e17ead79a1068944ae3462842c
SHA256

f44a3de38981562a81661aa37e92cbd1c4fe23c7aed1d7bddca24fe0fd2898fd
SHA512

6e3dfbc40d268d02fc9281fc7a3938048eb2a4f5f0d34794a8d5f619ae9fcbfea45b815319cc5c194118a19c058649f83ca35dd6788b7c1a44cc05bafa51ac15
SSDEEP

384:JmVdc1jzXrTcbHGzTVW957ZagmpTtjUC0mwaiDtoXl7BlmAYmkBbeXZABfig:adO/XKGXw95tagE0qiu7fYmkBKwi

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  115cb1c12dface7508952f7b147b667e_JaffaCakes118
- Size
  
  18KB
- MD5
  
  115cb1c12dface7508952f7b147b667e
- SHA1
  
  d6168402c07b44e17ead79a1068944ae3462842c
- SHA256
  
  f44a3de38981562a81661aa37e92cbd1c4fe23c7aed1d7bddca24fe0fd2898fd
- SHA512
  
  6e3dfbc40d268d02fc9281fc7a3938048eb2a4f5f0d34794a8d5f619ae9fcbfea45b815319cc5c194118a19c058649f83ca35dd6788b7c1a44cc05bafa51ac15
- SSDEEP
  
  384:JmVdc1jzXrTcbHGzTVW957ZagmpTtjUC0mwaiDtoXl7BlmAYmkBbeXZABfig:adO/XKGXw95tagE0qiu7fYmkBKwi
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery