5b0464e23f73a1f6416cb4ecb71ac76f2d797eaf50cd28868868ddcf221f1140 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37ddd1a189536043e200f45378c841e8_JaffaCakes118
Size

191KB
Sample

240512-db4r3aga62
MD5

37ddd1a189536043e200f45378c841e8
SHA1

18a3050a309a86d3f722d520ee6cef2b8e0000bf
SHA256

5b0464e23f73a1f6416cb4ecb71ac76f2d797eaf50cd28868868ddcf221f1140
SHA512

63f46a266a85508eba5d53e368417195cce1e10e254b0ce2ba844593b561f01cfed09a2f8ac6d63c4969dc824ad133658daf5a469226e02740d389a2b25e7c3e
SSDEEP

3072:HADWbKzKbQmSVdSme+xmJyD4BliqzsmmEpEmboQd+ccewkyeZyYPuvGCJ30EZ0di:HAVySV1eY4k437d+4wkTHdS2yV

Score

7^/10

Malware Config

Targets

- Target
  
  37ddd1a189536043e200f45378c841e8_JaffaCakes118
- Size
  
  191KB
- MD5
  
  37ddd1a189536043e200f45378c841e8
- SHA1
  
  18a3050a309a86d3f722d520ee6cef2b8e0000bf
- SHA256
  
  5b0464e23f73a1f6416cb4ecb71ac76f2d797eaf50cd28868868ddcf221f1140
- SHA512
  
  63f46a266a85508eba5d53e368417195cce1e10e254b0ce2ba844593b561f01cfed09a2f8ac6d63c4969dc824ad133658daf5a469226e02740d389a2b25e7c3e
- SSDEEP
  
  3072:HADWbKzKbQmSVdSme+xmJyD4BliqzsmmEpEmboQd+ccewkyeZyYPuvGCJ30EZ0di:HAVySV1eY4k437d+4wkTHdS2yV
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2