263508a66db969905df2cb54fbbafd2a8e0ee3a98cbf9e949d44bca3be35db17 | Triage

Sharing

General

Target

30992eaa7909ebae8dff8881e3a3c5ec_JaffaCakes118
Size

184KB
Sample

240510-xvje1scf61
MD5

30992eaa7909ebae8dff8881e3a3c5ec
SHA1

23f9c544304a339e429573aed7a91287dd0f53a7
SHA256

263508a66db969905df2cb54fbbafd2a8e0ee3a98cbf9e949d44bca3be35db17
SHA512

80944808c5b80cb1f897f01be1ca442094aae4c90bca3c168b36d4ed45f03464818fab38ca1bc11db1d48ffa610e2324eeb4dfe92a7bbce4ce19784611caa291
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO34:/7BSH8zUB+nGESaaRvoB7FJNndnl

Score

8^/10

execution

Malware Config

Targets

- Target
  
  30992eaa7909ebae8dff8881e3a3c5ec_JaffaCakes118
- Size
  
  184KB
- MD5
  
  30992eaa7909ebae8dff8881e3a3c5ec
- SHA1
  
  23f9c544304a339e429573aed7a91287dd0f53a7
- SHA256
  
  263508a66db969905df2cb54fbbafd2a8e0ee3a98cbf9e949d44bca3be35db17
- SHA512
  
  80944808c5b80cb1f897f01be1ca442094aae4c90bca3c168b36d4ed45f03464818fab38ca1bc11db1d48ffa610e2324eeb4dfe92a7bbce4ce19784611caa291
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO34:/7BSH8zUB+nGESaaRvoB7FJNndnl
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2