2bb3b27d40bd8db4533c4ad03aa4bd1d7ad78a7190a076feceed93f15fc9d4f6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

041b781fef995066fdce0a391bdbc44f_JaffaCakes118
Size

184KB
Sample

240428-b8tbgsdh6w
MD5

041b781fef995066fdce0a391bdbc44f
SHA1

8857f2f98a16dbe7e83f156d562b26c92ea82aa2
SHA256

2bb3b27d40bd8db4533c4ad03aa4bd1d7ad78a7190a076feceed93f15fc9d4f6
SHA512

3170993f3cfc4882479cd8c51688ee141121fa3d666a99d2398faca8062170b14cdb936144b0ec0e6aa6f92172f83cc3ce3c87876cb6aae1d01dfefc768da124
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO34:/7BSH8zUB+nGESaaRvoB7FJNndnR

Score

8^/10

Malware Config

Targets

- Target
  
  041b781fef995066fdce0a391bdbc44f_JaffaCakes118
- Size
  
  184KB
- MD5
  
  041b781fef995066fdce0a391bdbc44f
- SHA1
  
  8857f2f98a16dbe7e83f156d562b26c92ea82aa2
- SHA256
  
  2bb3b27d40bd8db4533c4ad03aa4bd1d7ad78a7190a076feceed93f15fc9d4f6
- SHA512
  
  3170993f3cfc4882479cd8c51688ee141121fa3d666a99d2398faca8062170b14cdb936144b0ec0e6aa6f92172f83cc3ce3c87876cb6aae1d01dfefc768da124
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO34:/7BSH8zUB+nGESaaRvoB7FJNndnR
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2