ad374887ecbcbe7335f83f61e97fa5381ee6087b9c92cef91891a3112798578e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5070717e02fdc84329e1f8425e6455ab_JaffaCakes118
Size

1.1MB
Sample

240517-t4hnasgg21
MD5

5070717e02fdc84329e1f8425e6455ab
SHA1

7f525e1ce47e0421fb667d773911139e254480c9
SHA256

ad374887ecbcbe7335f83f61e97fa5381ee6087b9c92cef91891a3112798578e
SHA512

3b3ebb9e4a3c4a9c6ac17a86b64ce428bfe0d16faa9f243b58081a7e1617c2e5585e10833ea20efa6e48a4d54cb5f528dea8025852c27cadaba9c7095421cc85
SSDEEP

24576:lBpBDTx9+uzNuY07bmRASnp7bnS/NHNIODf+e:hdx8Ul07bm9pa/NH3p

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  5070717e02fdc84329e1f8425e6455ab_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  5070717e02fdc84329e1f8425e6455ab
- SHA1
  
  7f525e1ce47e0421fb667d773911139e254480c9
- SHA256
  
  ad374887ecbcbe7335f83f61e97fa5381ee6087b9c92cef91891a3112798578e
- SHA512
  
  3b3ebb9e4a3c4a9c6ac17a86b64ce428bfe0d16faa9f243b58081a7e1617c2e5585e10833ea20efa6e48a4d54cb5f528dea8025852c27cadaba9c7095421cc85
- SSDEEP
  
  24576:lBpBDTx9+uzNuY07bmRASnp7bnS/NHNIODf+e:hdx8Ul07bm9pa/NH3p
Score

9^/10

evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2