b3270e5cf12c33b84cebc1adfea6760acef510d8a0f9b6a2e8a138bee335fdf8 | Triage

Sharing

General

Target

b29de733360a44c81d6df1578a6e213a_JaffaCakes118
Size

122KB
Sample

240821-jft2bawgnd
MD5

b29de733360a44c81d6df1578a6e213a
SHA1

3c634caacb44170bc8a510496ed7b21e7fb75fe4
SHA256

b3270e5cf12c33b84cebc1adfea6760acef510d8a0f9b6a2e8a138bee335fdf8
SHA512

9671a7e2350ac13fb1afd863064cbec67e5d7d06304596fe94bbc3a74b97a8e3e6148e7992c3de8b3f89f989179e6210b01b886aba9fdb1cf9e8087d82a1daba
SSDEEP

3072:3OUVl+ke+ATJsRynhDixQmr6/cu1nT5yQ5tgjTRloyufF:3trYCdiIs0Q

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  b29de733360a44c81d6df1578a6e213a_JaffaCakes118
- Size
  
  122KB
- MD5
  
  b29de733360a44c81d6df1578a6e213a
- SHA1
  
  3c634caacb44170bc8a510496ed7b21e7fb75fe4
- SHA256
  
  b3270e5cf12c33b84cebc1adfea6760acef510d8a0f9b6a2e8a138bee335fdf8
- SHA512
  
  9671a7e2350ac13fb1afd863064cbec67e5d7d06304596fe94bbc3a74b97a8e3e6148e7992c3de8b3f89f989179e6210b01b886aba9fdb1cf9e8087d82a1daba
- SSDEEP
  
  3072:3OUVl+ke+ATJsRynhDixQmr6/cu1nT5yQ5tgjTRloyufF:3trYCdiIs0Q
Score

8^/10

discovery
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2