5c7e43595cf44065df06757f73de3c063bcdbdb4544b59bbf9a36e4e04abaa78 | Triage

Sharing

General

Target

27fa357e930562e34a72db178ed0df92_JaffaCakes118
Size

789KB
Sample

241009-a58rbsvfnq
MD5

27fa357e930562e34a72db178ed0df92
SHA1

f1271fd8b0dcdb9cc8a9317e943d5335562b798a
SHA256

5c7e43595cf44065df06757f73de3c063bcdbdb4544b59bbf9a36e4e04abaa78
SHA512

c6c74b038e9114aa5717ce5d2923d2059ef6e47889afbe8e6b46faa2f273e6c61c51c9eed5f1f474c8394766fb9648328934244db1536bcdc3c6b40a890a872f
SSDEEP

12288:1O+2laPrR1wSp3gyX5nEEDo45jzzLhcQrjGTF5InL360Z/8ktXjLApb9:1O+2Mt1w23g7Ofz17jGTqjl/hHU

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  27fa357e930562e34a72db178ed0df92_JaffaCakes118
- Size
  
  789KB
- MD5
  
  27fa357e930562e34a72db178ed0df92
- SHA1
  
  f1271fd8b0dcdb9cc8a9317e943d5335562b798a
- SHA256
  
  5c7e43595cf44065df06757f73de3c063bcdbdb4544b59bbf9a36e4e04abaa78
- SHA512
  
  c6c74b038e9114aa5717ce5d2923d2059ef6e47889afbe8e6b46faa2f273e6c61c51c9eed5f1f474c8394766fb9648328934244db1536bcdc3c6b40a890a872f
- SSDEEP
  
  12288:1O+2laPrR1wSp3gyX5nEEDo45jzzLhcQrjGTF5InL360Z/8ktXjLApb9:1O+2Mt1w23g7Ofz17jGTqjl/hHU
Score

7^/10

discovery evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan