1aa7a2f81f03679d3a45c75ce29aa4659abe0c5eb46b8b4293b8c5f302559c1e | Triage

Sharing

General

Target

055910bede499796d31a906c95078f11_JaffaCakes118
Size

184KB
Sample

240428-rbaqwahb99
MD5

055910bede499796d31a906c95078f11
SHA1

d107b9ad2ea278057cf4c9e12b70e6e70c72040f
SHA256

1aa7a2f81f03679d3a45c75ce29aa4659abe0c5eb46b8b4293b8c5f302559c1e
SHA512

fee900e533eb8dbb4a787c725d030a58cf2a02aa465246f6b19d098794a23dbbaf4a44559a16ee1b38697e0e40aa481c7c9d1d05e9c7f7f662f58f40c04ef6f4
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3BFM:/7BSH8zUB+nGESaaRvoB7FJNndnGe

Score

8^/10

Malware Config

Targets

- Target
  
  055910bede499796d31a906c95078f11_JaffaCakes118
- Size
  
  184KB
- MD5
  
  055910bede499796d31a906c95078f11
- SHA1
  
  d107b9ad2ea278057cf4c9e12b70e6e70c72040f
- SHA256
  
  1aa7a2f81f03679d3a45c75ce29aa4659abe0c5eb46b8b4293b8c5f302559c1e
- SHA512
  
  fee900e533eb8dbb4a787c725d030a58cf2a02aa465246f6b19d098794a23dbbaf4a44559a16ee1b38697e0e40aa481c7c9d1d05e9c7f7f662f58f40c04ef6f4
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3BFM:/7BSH8zUB+nGESaaRvoB7FJNndnGe
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2