90ec0e0af3d05a61be1be1d3064051b21fbdd1de2c28aaa3004e2ad3699f3143 | Triage

Sharing

General

Target

33f90eee7c0467052a653983db882d9f_JaffaCakes118
Size

184KB
Sample

240511-ls51fsec94
MD5

33f90eee7c0467052a653983db882d9f
SHA1

f5526915b0c6cb659358e740c1fd3911c435d6eb
SHA256

90ec0e0af3d05a61be1be1d3064051b21fbdd1de2c28aaa3004e2ad3699f3143
SHA512

3c44ac0026d2c5587a9ec0158f11d808337c15d9d2094625e5c5fdd6c8fcaf7280c823fcb8b89998da62577c15a86e6803951010ed6f3cb4021ebd9504384cf2
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3EC:/7BSH8zUB+nGESaaRvoB7FJNndnu

Score

8^/10

execution

Malware Config

Targets

- Target
  
  33f90eee7c0467052a653983db882d9f_JaffaCakes118
- Size
  
  184KB
- MD5
  
  33f90eee7c0467052a653983db882d9f
- SHA1
  
  f5526915b0c6cb659358e740c1fd3911c435d6eb
- SHA256
  
  90ec0e0af3d05a61be1be1d3064051b21fbdd1de2c28aaa3004e2ad3699f3143
- SHA512
  
  3c44ac0026d2c5587a9ec0158f11d808337c15d9d2094625e5c5fdd6c8fcaf7280c823fcb8b89998da62577c15a86e6803951010ed6f3cb4021ebd9504384cf2
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3EC:/7BSH8zUB+nGESaaRvoB7FJNndnu
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2