b48326823cad0a141724e6c6d8a8d0a1f3fd5195a1aed03354a2ccadaf873c38 | Triage

Sharing

General

Target

54e0b0172b252617b3fb96f6e899eff3_JaffaCakes118
Size

90KB
Sample

241018-cg45catarl
MD5

54e0b0172b252617b3fb96f6e899eff3
SHA1

b46e5c4f484fb43d47de75a5b2fd26558335d3c7
SHA256

b48326823cad0a141724e6c6d8a8d0a1f3fd5195a1aed03354a2ccadaf873c38
SHA512

b5d3c85b702b50ecf61947c76cd3665654a7cd81ee203b9bc3c0aaaa52c738562c0d74542f54fb7497155fb5245cdc14063ebc9e46d6146edc33b4ce67e5044f
SSDEEP

1536:hgYPhQXwIiPrrjThO+lUBrzCxry1ec7rUyj239auh53RdXFwW:KYP2XerzhOUxu/XUtauzDFwW

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  54e0b0172b252617b3fb96f6e899eff3_JaffaCakes118
- Size
  
  90KB
- MD5
  
  54e0b0172b252617b3fb96f6e899eff3
- SHA1
  
  b46e5c4f484fb43d47de75a5b2fd26558335d3c7
- SHA256
  
  b48326823cad0a141724e6c6d8a8d0a1f3fd5195a1aed03354a2ccadaf873c38
- SHA512
  
  b5d3c85b702b50ecf61947c76cd3665654a7cd81ee203b9bc3c0aaaa52c738562c0d74542f54fb7497155fb5245cdc14063ebc9e46d6146edc33b4ce67e5044f
- SSDEEP
  
  1536:hgYPhQXwIiPrrjThO+lUBrzCxry1ec7rUyj239auh53RdXFwW:KYP2XerzhOUxu/XUtauzDFwW
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery