50f53ba32d4f47b19083d61a89a2d68a41f8165532e826f1088810e810deaec7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3aeffba82f46b6b7bc3d50ef1fe09ec7_JaffaCakes118
Size

122KB
Sample

240711-19bv9sygkd
MD5

3aeffba82f46b6b7bc3d50ef1fe09ec7
SHA1

0c34bffcba5d2d9e3fc1cf94baf3c1dc1e4e5117
SHA256

50f53ba32d4f47b19083d61a89a2d68a41f8165532e826f1088810e810deaec7
SHA512

692cc4e400e13935ea3b99e0b7d739fe3af09f6e00d51a29bd20ed0eefc620e219ed68d81c28ecf399ff0a1a2a407fcafd3d8a4a81470223fd5ae07485d6c865
SSDEEP

3072:nOUVl+keOATJMJXPdHOdQa/y70ixLT9yNgWOh48jTRlguBF:ntrQqwqANgH3

Score

8^/10

Malware Config

Targets

- Target
  
  3aeffba82f46b6b7bc3d50ef1fe09ec7_JaffaCakes118
- Size
  
  122KB
- MD5
  
  3aeffba82f46b6b7bc3d50ef1fe09ec7
- SHA1
  
  0c34bffcba5d2d9e3fc1cf94baf3c1dc1e4e5117
- SHA256
  
  50f53ba32d4f47b19083d61a89a2d68a41f8165532e826f1088810e810deaec7
- SHA512
  
  692cc4e400e13935ea3b99e0b7d739fe3af09f6e00d51a29bd20ed0eefc620e219ed68d81c28ecf399ff0a1a2a407fcafd3d8a4a81470223fd5ae07485d6c865
- SSDEEP
  
  3072:nOUVl+keOATJMJXPdHOdQa/y70ixLT9yNgWOh48jTRlguBF:ntrQqwqANgH3
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2