0af367a6c2d315a0c5f268e413c473f795a7c812636c9f32e3d51a755a72f4b4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02269b000b66f0a2b3e37f916c16db61_JaffaCakes118
Size

184KB
Sample

240427-cb476ahe9x
MD5

02269b000b66f0a2b3e37f916c16db61
SHA1

4cea131d8373fd3ba795141d4c8f30cbc88a05e1
SHA256

0af367a6c2d315a0c5f268e413c473f795a7c812636c9f32e3d51a755a72f4b4
SHA512

c0d5e438617ad06a3b7a563f58d8e19fd71baf8fe443d55af9cb51fd012f5b82aa80c9b8625f737ffce558530e96304dfb5b2317ff32337757c573af505d848d
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO39:/7BSH8zUB+nGESaaRvoB7FJNndnY

Score

8^/10

Malware Config

Targets

- Target
  
  02269b000b66f0a2b3e37f916c16db61_JaffaCakes118
- Size
  
  184KB
- MD5
  
  02269b000b66f0a2b3e37f916c16db61
- SHA1
  
  4cea131d8373fd3ba795141d4c8f30cbc88a05e1
- SHA256
  
  0af367a6c2d315a0c5f268e413c473f795a7c812636c9f32e3d51a755a72f4b4
- SHA512
  
  c0d5e438617ad06a3b7a563f58d8e19fd71baf8fe443d55af9cb51fd012f5b82aa80c9b8625f737ffce558530e96304dfb5b2317ff32337757c573af505d848d
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO39:/7BSH8zUB+nGESaaRvoB7FJNndnY
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2