1156482b8f1bec82e0b67e0d7cea60501256ef0d75a321d5c068fe1cffe31fe4 | Triage

Sharing

General

Target

340ea24d6ed504ce81d6f74cfcd78b2f_JaffaCakes118
Size

184KB
Sample

240511-l71dhseh59
MD5

340ea24d6ed504ce81d6f74cfcd78b2f
SHA1

e40404d9630208c0930c671b1555a92939423908
SHA256

1156482b8f1bec82e0b67e0d7cea60501256ef0d75a321d5c068fe1cffe31fe4
SHA512

a3a1c43a15a878957477aa7078604f381797a37994f427545f27d83942ca71d7855f7854e2a2efa45bd2bf8b9f801012c8753c85f15abd360c9238e25892b884
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3s:/7BSH8zUB+nGESaaRvoB7FJNndnN

Score

8^/10

execution

Malware Config

Targets

- Target
  
  340ea24d6ed504ce81d6f74cfcd78b2f_JaffaCakes118
- Size
  
  184KB
- MD5
  
  340ea24d6ed504ce81d6f74cfcd78b2f
- SHA1
  
  e40404d9630208c0930c671b1555a92939423908
- SHA256
  
  1156482b8f1bec82e0b67e0d7cea60501256ef0d75a321d5c068fe1cffe31fe4
- SHA512
  
  a3a1c43a15a878957477aa7078604f381797a37994f427545f27d83942ca71d7855f7854e2a2efa45bd2bf8b9f801012c8753c85f15abd360c9238e25892b884
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3s:/7BSH8zUB+nGESaaRvoB7FJNndnN
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2