76fe84bb6113bc9eccbd915b15413478e620732d85417eb1f039f9002b624ccf | Triage

Sharing

General

Target

02105a30bdeeda1e9a755b5ccec82d2e_JaffaCakes118
Size

184KB
Sample

240427-bf1j4age9z
MD5

02105a30bdeeda1e9a755b5ccec82d2e
SHA1

536605e191f5c75217df6334446059611220b200
SHA256

76fe84bb6113bc9eccbd915b15413478e620732d85417eb1f039f9002b624ccf
SHA512

096334aeeaf2254f089036861ff3ca54722f4ed4233a398295e3c7a7c77c64bdb4dc26800382948697561be4f3f62d54bc81dd94ba5f8526653cf8d24a299b85
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3fu:/7BSH8zUB+nGESaaRvoB7FJNndnqu

Score

8^/10

Malware Config

Targets

- Target
  
  02105a30bdeeda1e9a755b5ccec82d2e_JaffaCakes118
- Size
  
  184KB
- MD5
  
  02105a30bdeeda1e9a755b5ccec82d2e
- SHA1
  
  536605e191f5c75217df6334446059611220b200
- SHA256
  
  76fe84bb6113bc9eccbd915b15413478e620732d85417eb1f039f9002b624ccf
- SHA512
  
  096334aeeaf2254f089036861ff3ca54722f4ed4233a398295e3c7a7c77c64bdb4dc26800382948697561be4f3f62d54bc81dd94ba5f8526653cf8d24a299b85
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3fu:/7BSH8zUB+nGESaaRvoB7FJNndnqu
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2