d8b86ce725aa3e531bd473df819314ed0a369a28a9285ad2a290fba848252b0c | Triage

Sharing

General

Target

664e525e4cae54b6ef018da03d5e83c7_JaffaCakes118
Size

136KB
Sample

240723-f4rz3szgmn
MD5

664e525e4cae54b6ef018da03d5e83c7
SHA1

111dea87ddef433dd98a0f03934877037cc26023
SHA256

d8b86ce725aa3e531bd473df819314ed0a369a28a9285ad2a290fba848252b0c
SHA512

5caa65d86b588dcd065921727da23dca452e1376d0a5adde63232609ae3a2ec07612c71f3dad7fb76e58a48c965209f2b43ed2dc76badbc7b068eaf9ee26ae69
SSDEEP

3072:kYAuzenWaIHrc67SeUYJQhdoNQl/kx4xbYI:kYAfnWaILLGYw7l/kq

Score

8^/10

Malware Config

Targets

- Target
  
  664e525e4cae54b6ef018da03d5e83c7_JaffaCakes118
- Size
  
  136KB
- MD5
  
  664e525e4cae54b6ef018da03d5e83c7
- SHA1
  
  111dea87ddef433dd98a0f03934877037cc26023
- SHA256
  
  d8b86ce725aa3e531bd473df819314ed0a369a28a9285ad2a290fba848252b0c
- SHA512
  
  5caa65d86b588dcd065921727da23dca452e1376d0a5adde63232609ae3a2ec07612c71f3dad7fb76e58a48c965209f2b43ed2dc76badbc7b068eaf9ee26ae69
- SSDEEP
  
  3072:kYAuzenWaIHrc67SeUYJQhdoNQl/kx4xbYI:kYAfnWaILLGYw7l/kq
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2