920b97a4725a4504a1d4f18a59b54116a08ac602328217554e196ef7d6911006 | Triage

Sharing

General

Target

2fb1c8a2d4accf7b41f72af8e960b97d_JaffaCakes118
Size

184KB
Sample

240510-sel4rabg4t
MD5

2fb1c8a2d4accf7b41f72af8e960b97d
SHA1

32df585ef4a90442e135e1c43104bbb1100addbe
SHA256

920b97a4725a4504a1d4f18a59b54116a08ac602328217554e196ef7d6911006
SHA512

065d49705904dc3bd726d5f673305f86f7d9e7fed5597021545915fb2fbe73dfbfdc950badb152929dd38aa011e0eef04917d2aef5c86332934254f0caf62a8d
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3E:/7BSH8zUB+nGESaaRvoB7FJNndnN

Score

8^/10

execution

Malware Config

Targets

- Target
  
  2fb1c8a2d4accf7b41f72af8e960b97d_JaffaCakes118
- Size
  
  184KB
- MD5
  
  2fb1c8a2d4accf7b41f72af8e960b97d
- SHA1
  
  32df585ef4a90442e135e1c43104bbb1100addbe
- SHA256
  
  920b97a4725a4504a1d4f18a59b54116a08ac602328217554e196ef7d6911006
- SHA512
  
  065d49705904dc3bd726d5f673305f86f7d9e7fed5597021545915fb2fbe73dfbfdc950badb152929dd38aa011e0eef04917d2aef5c86332934254f0caf62a8d
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3E:/7BSH8zUB+nGESaaRvoB7FJNndnN
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2