e900e28ed7228cc1208b3dae4d124b9e307afcb0abcac3fdad0198a50c570a1f | Triage

Sharing

General

Target

a62b6ebc91ff654ae2f2afdc487afb3b_JaffaCakes118
Size

71KB
Sample

240818-kzpflsygqn
MD5

a62b6ebc91ff654ae2f2afdc487afb3b
SHA1

25f04ebc740f8457a06809f7acf60bed032af2a5
SHA256

e900e28ed7228cc1208b3dae4d124b9e307afcb0abcac3fdad0198a50c570a1f
SHA512

6ec4c924ffca2a2e5c22cb7cdf5e5a50f4e1064ef95fbb5b305dc90eb01bf12f35d8dac55e7ffd592f74977606ccd664d303438f8c8d326441b0efc21e451b6b
SSDEEP

1536:oVIn7vLAsry2eslLS8Ti1nQyd9O3jKVfORHoHof+G00O4:oU/9+vstGGGFO5f+G0w

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  a62b6ebc91ff654ae2f2afdc487afb3b_JaffaCakes118
- Size
  
  71KB
- MD5
  
  a62b6ebc91ff654ae2f2afdc487afb3b
- SHA1
  
  25f04ebc740f8457a06809f7acf60bed032af2a5
- SHA256
  
  e900e28ed7228cc1208b3dae4d124b9e307afcb0abcac3fdad0198a50c570a1f
- SHA512
  
  6ec4c924ffca2a2e5c22cb7cdf5e5a50f4e1064ef95fbb5b305dc90eb01bf12f35d8dac55e7ffd592f74977606ccd664d303438f8c8d326441b0efc21e451b6b
- SSDEEP
  
  1536:oVIn7vLAsry2eslLS8Ti1nQyd9O3jKVfORHoHof+G00O4:oU/9+vstGGGFO5f+G0w
Score

8^/10

discovery
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2