bbdaaeb9ac7792782a1ce526577ccdfcc7ff6a1acd93aab106b3a9d33c6f0e58 | Triage

Sharing

General

Target

1803a16d71f31cc2e2d55f87b2d06560_JaffaCakes118
Size

184KB
Sample

240505-rbzd8sfb84
MD5

1803a16d71f31cc2e2d55f87b2d06560
SHA1

3a468e1305f37461e71d4508bde3b63b60b2604c
SHA256

bbdaaeb9ac7792782a1ce526577ccdfcc7ff6a1acd93aab106b3a9d33c6f0e58
SHA512

e527d15ba35ee98a421b2ec2c3063ba050474bb1a115f56861155454ef461d8c1e003f154e9533806b7011f3a78b010a2ac7e2ff8f4220c122d914e01dbf145b
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3no:/7BSH8zUB+nGESaaRvoB7FJNndnx

Score

8^/10

execution

Malware Config

Targets

- Target
  
  1803a16d71f31cc2e2d55f87b2d06560_JaffaCakes118
- Size
  
  184KB
- MD5
  
  1803a16d71f31cc2e2d55f87b2d06560
- SHA1
  
  3a468e1305f37461e71d4508bde3b63b60b2604c
- SHA256
  
  bbdaaeb9ac7792782a1ce526577ccdfcc7ff6a1acd93aab106b3a9d33c6f0e58
- SHA512
  
  e527d15ba35ee98a421b2ec2c3063ba050474bb1a115f56861155454ef461d8c1e003f154e9533806b7011f3a78b010a2ac7e2ff8f4220c122d914e01dbf145b
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3no:/7BSH8zUB+nGESaaRvoB7FJNndnx
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2