fd35846a4d34094b2c532fec3dc7b43aab0846647773007a81446e23f154932a | Triage

Sharing

General

Target

2159a412ed1fc9abd38f60ff08a65958_JaffaCakes118
Size

184KB
Sample

240507-xy925sdh49
MD5

2159a412ed1fc9abd38f60ff08a65958
SHA1

fab9629e4a12672d31a10247ba06841849a59af9
SHA256

fd35846a4d34094b2c532fec3dc7b43aab0846647773007a81446e23f154932a
SHA512

bfb8b161837c2875fba74d15ad6cc2cf7fd4250e1e50998521e03eb9e31322d0c3273daf9105d310e9dc8f66d6ba3988d295d6d729c1126e3846457e7b15bdc1
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3q:/7BSH8zUB+nGESaaRvoB7FJNndnT

Score

8^/10

execution

Malware Config

Targets

- Target
  
  2159a412ed1fc9abd38f60ff08a65958_JaffaCakes118
- Size
  
  184KB
- MD5
  
  2159a412ed1fc9abd38f60ff08a65958
- SHA1
  
  fab9629e4a12672d31a10247ba06841849a59af9
- SHA256
  
  fd35846a4d34094b2c532fec3dc7b43aab0846647773007a81446e23f154932a
- SHA512
  
  bfb8b161837c2875fba74d15ad6cc2cf7fd4250e1e50998521e03eb9e31322d0c3273daf9105d310e9dc8f66d6ba3988d295d6d729c1126e3846457e7b15bdc1
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3q:/7BSH8zUB+nGESaaRvoB7FJNndnT
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2