4d12ee6aa31ef56d6607fbbadade36abe1a0210a6b71643cdf4b94ce0df4d9f5 | Triage

Sharing

General

Target

0ea4bf72c0c43987ecad06856fdfe5e5_JaffaCakes118
Size

184KB
Sample

240502-qvfwkaaa2t
MD5

0ea4bf72c0c43987ecad06856fdfe5e5
SHA1

5edd8ae54c959d25a2b47dede9f53289696810fa
SHA256

4d12ee6aa31ef56d6607fbbadade36abe1a0210a6b71643cdf4b94ce0df4d9f5
SHA512

5fcc417029bcc60cc914b33799d551b1ea3d1c6f214681411feb49dc1f14cc82f929c2349002eb17387642c48be724b64d31efee1551ba6af3414e490eb6e9f3
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3+:/7BSH8zUB+nGESaaRvoB7FJNndnr

Score

8^/10

execution

Malware Config

Targets

- Target
  
  0ea4bf72c0c43987ecad06856fdfe5e5_JaffaCakes118
- Size
  
  184KB
- MD5
  
  0ea4bf72c0c43987ecad06856fdfe5e5
- SHA1
  
  5edd8ae54c959d25a2b47dede9f53289696810fa
- SHA256
  
  4d12ee6aa31ef56d6607fbbadade36abe1a0210a6b71643cdf4b94ce0df4d9f5
- SHA512
  
  5fcc417029bcc60cc914b33799d551b1ea3d1c6f214681411feb49dc1f14cc82f929c2349002eb17387642c48be724b64d31efee1551ba6af3414e490eb6e9f3
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3+:/7BSH8zUB+nGESaaRvoB7FJNndnr
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2