02ceb479a7e2c6479c9f087a7584a8a7c875c9bacdbff33ac66c0c584839e5cf | Triage

Sharing

General

Target

2d7a5218cf398889972c481ac03b4884_JaffaCakes118
Size

184KB
Sample

240510-fnae4afg96
MD5

2d7a5218cf398889972c481ac03b4884
SHA1

606db8a4498673c603cf3b03e6e6bf42d84c282c
SHA256

02ceb479a7e2c6479c9f087a7584a8a7c875c9bacdbff33ac66c0c584839e5cf
SHA512

b3d549c68ea0b7f27f8d69e616167e076e44f5635db6a7fb1a6f0747c2ac86997ea0e5dc2f7cc3b1095c494b7637a199d1deb5cbd293e9d6b16ff53914f7abff
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3E:/7BSH8zUB+nGESaaRvoB7FJNndnR

Score

8^/10

execution

Malware Config

Targets

- Target
  
  2d7a5218cf398889972c481ac03b4884_JaffaCakes118
- Size
  
  184KB
- MD5
  
  2d7a5218cf398889972c481ac03b4884
- SHA1
  
  606db8a4498673c603cf3b03e6e6bf42d84c282c
- SHA256
  
  02ceb479a7e2c6479c9f087a7584a8a7c875c9bacdbff33ac66c0c584839e5cf
- SHA512
  
  b3d549c68ea0b7f27f8d69e616167e076e44f5635db6a7fb1a6f0747c2ac86997ea0e5dc2f7cc3b1095c494b7637a199d1deb5cbd293e9d6b16ff53914f7abff
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3E:/7BSH8zUB+nGESaaRvoB7FJNndnR
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2