bf35831f3131106c23a43b860dbfebe922d44d6ecbae16050075c5372aba5831 | Triage

Sharing

General

Target

00364b5236a8950c33ef1f5c7f060c29_JaffaCakes118
Size

184KB
Sample

240426-hg8qesba31
MD5

00364b5236a8950c33ef1f5c7f060c29
SHA1

0706364ac6004b9b1aed6443c4d2491c779649b8
SHA256

bf35831f3131106c23a43b860dbfebe922d44d6ecbae16050075c5372aba5831
SHA512

9d4fd13cc7f212dd0421fd2c85fe911af106b06b87c10bc0e06b547892ad0e9f0d488365e57160be9745dee4ee8e4027180df8b72a775f26cdb43cd6430596a0
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3yJ:/7BSH8zUB+nGESaaRvoB7FJNndnv

Score

8^/10

Malware Config

Targets

- Target
  
  00364b5236a8950c33ef1f5c7f060c29_JaffaCakes118
- Size
  
  184KB
- MD5
  
  00364b5236a8950c33ef1f5c7f060c29
- SHA1
  
  0706364ac6004b9b1aed6443c4d2491c779649b8
- SHA256
  
  bf35831f3131106c23a43b860dbfebe922d44d6ecbae16050075c5372aba5831
- SHA512
  
  9d4fd13cc7f212dd0421fd2c85fe911af106b06b87c10bc0e06b547892ad0e9f0d488365e57160be9745dee4ee8e4027180df8b72a775f26cdb43cd6430596a0
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3yJ:/7BSH8zUB+nGESaaRvoB7FJNndnv
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2