305dcca3eaa9539890401fb9f7c41c4aa8e955e9e025dab6a3a3453f92da3fe7 | Triage

Sharing

General

Target

343ecd162f5fada2bc29af0ace227529_JaffaCakes118
Size

184KB
Sample

240511-m28y5sdc9y
MD5

343ecd162f5fada2bc29af0ace227529
SHA1

378abd1a099bc04ca1a03d54b8286fac6af65a15
SHA256

305dcca3eaa9539890401fb9f7c41c4aa8e955e9e025dab6a3a3453f92da3fe7
SHA512

c65f30e97d4b4266402aa9add60ccb19e083bc098735a1848ae8a0772ccce616e98d6bf36912d229decec74ec5d80f7e91426c265cb2096bcd0d49827eeac364
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO36:/7BSH8zUB+nGESaaRvoB7FJNndnP

Score

8^/10

execution

Malware Config

Targets

- Target
  
  343ecd162f5fada2bc29af0ace227529_JaffaCakes118
- Size
  
  184KB
- MD5
  
  343ecd162f5fada2bc29af0ace227529
- SHA1
  
  378abd1a099bc04ca1a03d54b8286fac6af65a15
- SHA256
  
  305dcca3eaa9539890401fb9f7c41c4aa8e955e9e025dab6a3a3453f92da3fe7
- SHA512
  
  c65f30e97d4b4266402aa9add60ccb19e083bc098735a1848ae8a0772ccce616e98d6bf36912d229decec74ec5d80f7e91426c265cb2096bcd0d49827eeac364
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO36:/7BSH8zUB+nGESaaRvoB7FJNndnP
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2