4add94ef0e28097e0b754cdcf5cdf6316ea7747984574da0953d9a63e5d33a84 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

bd248041cc...118.js

windows7-x64

8

bd248041cc...118.js

windows10-2004-x64

8

Sharing

General

Target

bd248041ccc9f9404d133ca7637a36de_JaffaCakes118
Size

643KB
Sample

240404-t19ydace4z
MD5

bd248041ccc9f9404d133ca7637a36de
SHA1

a0160b0fa4ff0101987ef2b2b98a133705c11622
SHA256

4add94ef0e28097e0b754cdcf5cdf6316ea7747984574da0953d9a63e5d33a84
SHA512

b9ad5313e794de5fdb23b38f1fa6a8e2b03d22e3aa456e9be465b56167f6665a86461b80fabedbb2399559ec727cc5fcf525239dbb58293c75b644323d128597
SSDEEP

12288:q19D1UunvDLeSAtdiHc/6u3cIDJYP63AZEua70aa8Q2aGO:q19DpLaSAtmc/A2JC6QZEuM/aGO

Score

8^/10

discovery evasion

Static task

static1

Behavioral task

behavioral1

Sample

bd248041ccc9f9404d133ca7637a36de_JaffaCakes118.js

Resource

win7-20240221-en

discovery evasion

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

bd248041ccc9f9404d133ca7637a36de_JaffaCakes118.js

Resource

win10v2004-20240226-en

discovery evasion

windows10-2004-x64

20 signatures

150 seconds

Malware Config

Targets

- Target
  
  bd248041ccc9f9404d133ca7637a36de_JaffaCakes118
- Size
  
  643KB
- MD5
  
  bd248041ccc9f9404d133ca7637a36de
- SHA1
  
  a0160b0fa4ff0101987ef2b2b98a133705c11622
- SHA256
  
  4add94ef0e28097e0b754cdcf5cdf6316ea7747984574da0953d9a63e5d33a84
- SHA512
  
  b9ad5313e794de5fdb23b38f1fa6a8e2b03d22e3aa456e9be465b56167f6665a86461b80fabedbb2399559ec727cc5fcf525239dbb58293c75b644323d128597
- SSDEEP
  
  12288:q19D1UunvDLeSAtdiHc/6u3cIDJYP63AZEua70aa8Q2aGO:q19DpLaSAtmc/A2JC6QZEuM/aGO
Score

8^/10

discovery evasion
- Blocklisted process makes network request
- Modifies Windows Firewall
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

File and Directory Permissions Modification

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion

© 2018-2025

Terms | Privacy