6c13431566c25d6b4c65b44218c49fffb049ff78ff3af623fc54093697d22041 | Triage

Sharing

General

Target

1853bc188e2fd26cb745567a088cd6c9_JaffaCakes118
Size

13KB
Sample

240505-s5bqpshb54
MD5

1853bc188e2fd26cb745567a088cd6c9
SHA1

daaf8cb84a5fcd9fed87ca212c7530b59547190e
SHA256

6c13431566c25d6b4c65b44218c49fffb049ff78ff3af623fc54093697d22041
SHA512

80b13bbb1e34dcd7df0b97fbcd3957dded8ed176fb9bddd2f042c3748b4ef5107d752a1671bcab94b70ef01d08925f9f6f4aa8b440e11b1ac7b54b443f7ace1c
SSDEEP

192:V1t0rlaqaUwBh8fW6hlp95IvhtqAKjoig4XQEqiNkTZQqJiScsnZN+MqRyzVwy6d:6BmQQkAwoJ4AEq4w6qJdccq0zVj0N

Score

8^/10

Malware Config

Targets

- Target
  
  moeQG.wsf
- Size
  
  28KB
- MD5
  
  32f507328c0210778ffe190a6281395b
- SHA1
  
  e741192b9e7df7d261fa2ec511ccf5e628d2688e
- SHA256
  
  79a9959b3d969c91d3603b82316d6c78d744389d7fd22dea8b61353a6fd60cd5
- SHA512
  
  025afddd8ffd83550da90117169954e52988bc3a5d29de396f4e0e4a397732ae697bc4e914a1f8132430c4e61afc6a44b502daaee61ebd53a2bc07cadab29b83
- SSDEEP
  
  384:aIryoy9vKxPTN4qshQx1OFd20vFLgPePqDuIIfzdC0:H2oy9kP20P4d79Lg2qDurpC0
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2