e4e59804853999813b55545f0ddb60394f9b02704484f289399ae88b12f3e1ae | Triage

Sharing

General

Target

21ae26a9cddd6a91b1fd53eed9ff3dcb_JaffaCakes118
Size

184KB
Sample

240507-zns2zsfc4y
MD5

21ae26a9cddd6a91b1fd53eed9ff3dcb
SHA1

86986c72ec1f2b23c08b2ab54e67eceb3ab72d93
SHA256

e4e59804853999813b55545f0ddb60394f9b02704484f289399ae88b12f3e1ae
SHA512

32e1b16c66953b4cc7f17f99e83fd7aceb35d367904c807e8de5f12a58e9053614f3b6ac943afcc2ec949dd47908fc352be58f7db4caf3c2668ed20cac314ed2
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO31:/7BSH8zUB+nGESaaRvoB7FJNndnw

Score

8^/10

execution

Malware Config

Targets

- Target
  
  21ae26a9cddd6a91b1fd53eed9ff3dcb_JaffaCakes118
- Size
  
  184KB
- MD5
  
  21ae26a9cddd6a91b1fd53eed9ff3dcb
- SHA1
  
  86986c72ec1f2b23c08b2ab54e67eceb3ab72d93
- SHA256
  
  e4e59804853999813b55545f0ddb60394f9b02704484f289399ae88b12f3e1ae
- SHA512
  
  32e1b16c66953b4cc7f17f99e83fd7aceb35d367904c807e8de5f12a58e9053614f3b6ac943afcc2ec949dd47908fc352be58f7db4caf3c2668ed20cac314ed2
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO31:/7BSH8zUB+nGESaaRvoB7FJNndnw
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2