c3fce4fbbaca468b5ebe96abfb78000e20facbbfc93a1258da1285cb6d3c0ea3 | Triage

Sharing

General

Target

04f6c19769acdc51b8e9e033109366de_JaffaCakes118
Size

184KB
Sample

240428-ma7l1adf7s
MD5

04f6c19769acdc51b8e9e033109366de
SHA1

8b74c4a1354c6e83f39d937b5799d12f8459f050
SHA256

c3fce4fbbaca468b5ebe96abfb78000e20facbbfc93a1258da1285cb6d3c0ea3
SHA512

568891ecf6260543bf4500e9efdb3ccf757b7f9933d476283611683c0fe0baae071d7ba02e9caedecbbfa87b11b43203a3d9c8d3dc4c044cba1ae47f6fb587f8
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3O:/7BSH8zUB+nGESaaRvoB7FJNndnz

Score

8^/10

Malware Config

Targets

- Target
  
  04f6c19769acdc51b8e9e033109366de_JaffaCakes118
- Size
  
  184KB
- MD5
  
  04f6c19769acdc51b8e9e033109366de
- SHA1
  
  8b74c4a1354c6e83f39d937b5799d12f8459f050
- SHA256
  
  c3fce4fbbaca468b5ebe96abfb78000e20facbbfc93a1258da1285cb6d3c0ea3
- SHA512
  
  568891ecf6260543bf4500e9efdb3ccf757b7f9933d476283611683c0fe0baae071d7ba02e9caedecbbfa87b11b43203a3d9c8d3dc4c044cba1ae47f6fb587f8
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3O:/7BSH8zUB+nGESaaRvoB7FJNndnz
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2