9b6d36e9a9f8975ad5067ff8c1f3fd7d31686bc8b85e90871f15ad339f658bb4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22fc9be916028eb7936b77ab8c67d7c1_JaffaCakes118
Size

184KB
Sample

240508-dyd5xsgb9x
MD5

22fc9be916028eb7936b77ab8c67d7c1
SHA1

c50b4b42e04a1f8b6cee4327aa51c48a9ab7f09a
SHA256

9b6d36e9a9f8975ad5067ff8c1f3fd7d31686bc8b85e90871f15ad339f658bb4
SHA512

a3fbeaa8f242bdb80187e178a23120bc4165b400b19f4c88346bf19e2be9e9bf4af060ace42daf7ff01d3c900be9da3b1dd9984f97379ae15fb79119a2ff02c3
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3N:/7BSH8zUB+nGESaaRvoB7FJNndnc

Score

8^/10

execution

Malware Config

Targets

- Target
  
  22fc9be916028eb7936b77ab8c67d7c1_JaffaCakes118
- Size
  
  184KB
- MD5
  
  22fc9be916028eb7936b77ab8c67d7c1
- SHA1
  
  c50b4b42e04a1f8b6cee4327aa51c48a9ab7f09a
- SHA256
  
  9b6d36e9a9f8975ad5067ff8c1f3fd7d31686bc8b85e90871f15ad339f658bb4
- SHA512
  
  a3fbeaa8f242bdb80187e178a23120bc4165b400b19f4c88346bf19e2be9e9bf4af060ace42daf7ff01d3c900be9da3b1dd9984f97379ae15fb79119a2ff02c3
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3N:/7BSH8zUB+nGESaaRvoB7FJNndnc
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2