9d255619b122a83b1b7dfedb593cab851d3d47c2c493a1156985f21cd0b2c657 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

251d0f5ad253c49dd88e662d428daec0_JaffaCakes118
Size

7KB
Sample

240508-q1rj9ahf88
MD5

251d0f5ad253c49dd88e662d428daec0
SHA1

744226e5d34d282a2173768d0a47cde699f44cf5
SHA256

9d255619b122a83b1b7dfedb593cab851d3d47c2c493a1156985f21cd0b2c657
SHA512

5f5beb7711f3562eadd8558318af91e9e52a1e0eb65115c9b61670c4b056bd3beb707c8202814c888b81c34d20e8f9a15074f56b1f69caf0917721ba455ff100
SSDEEP

192:llBqLcYzOcwiUrAJ21uYgppgc2sArwGmBX1:lSzOqUUYopynvs

Score

8^/10

execution

Malware Config

Targets

- Target
  
  результат_проверки_xls.js
- Size
  
  17KB
- MD5
  
  0c2e83eb8395dd33cef93e5dcaf01239
- SHA1
  
  68d0c34fad1f228e64002e628d12c1261de3dc21
- SHA256
  
  0bc7575a00fce267765739ecc341a2854111a24d6fbc1e09a2295eb8d886ab0a
- SHA512
  
  3506eef56a1027db49be39ad739817a30e41866cd2a126038d1bda7e1587499e8c6d3dff7f3ffcb9614d7b3cf314c2ce42e1d9ff357b15a133f074f1d1bad2e1
- SSDEEP
  
  384:+lG3mrmR2e1FzdVk583vUYHXHpV/nsDI9B7+bPAxBUbkRU6UhxWa482:+lG3mSR2e1FzdVky3vfHPnsXAMwazJb2
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2