508830b4b631981b2ce1fd75718ebc428683f4edc7d78ffc27015786765bfcd5 | Triage

Sharing

General

Target

1f27c39cf20a2d94dbc5605cc49128ed_JaffaCakes118
Size

184KB
Sample

240507-c2z15ahd38
MD5

1f27c39cf20a2d94dbc5605cc49128ed
SHA1

5638cca70dc541809de4b6be70addd3c5a2f5dfb
SHA256

508830b4b631981b2ce1fd75718ebc428683f4edc7d78ffc27015786765bfcd5
SHA512

b50c0d7b30230f5221a576620ab76967f5859a787ab7df4e4e0421edacee8c5173cd3e96bf60975d73cefc792ce24b83f85cd61002eaf7871acb26e63b2cfaa3
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3c:/7BSH8zUB+nGESaaRvoB7FJNndn1

Score

8^/10

execution

Malware Config

Targets

- Target
  
  1f27c39cf20a2d94dbc5605cc49128ed_JaffaCakes118
- Size
  
  184KB
- MD5
  
  1f27c39cf20a2d94dbc5605cc49128ed
- SHA1
  
  5638cca70dc541809de4b6be70addd3c5a2f5dfb
- SHA256
  
  508830b4b631981b2ce1fd75718ebc428683f4edc7d78ffc27015786765bfcd5
- SHA512
  
  b50c0d7b30230f5221a576620ab76967f5859a787ab7df4e4e0421edacee8c5173cd3e96bf60975d73cefc792ce24b83f85cd61002eaf7871acb26e63b2cfaa3
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3c:/7BSH8zUB+nGESaaRvoB7FJNndn1
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2