d405b115d0ad09642feba86a2bb090bcab367cd485208f12d24da85f6bc0e75c | Triage

Sharing

General

Target

34468ed13872fdebbfbdb29970ac83b7_JaffaCakes118
Size

184KB
Sample

240511-m7le2agd79
MD5

34468ed13872fdebbfbdb29970ac83b7
SHA1

33b3107ab58ac701523e5b9c3e020d7eeb5591aa
SHA256

d405b115d0ad09642feba86a2bb090bcab367cd485208f12d24da85f6bc0e75c
SHA512

5d4b2e5ef6c25e6e5b6161b1b6b30241db33671e3c064fe8b418c7c574cd84c6e8d80f122d7ab89fde6e30c4bd8e0384ce5e8a444c431f6d023cee382ae7b548
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3F6:/7BSH8zUB+nGESaaRvoB7FJNndnA6

Score

8^/10

execution

Malware Config

Targets

- Target
  
  34468ed13872fdebbfbdb29970ac83b7_JaffaCakes118
- Size
  
  184KB
- MD5
  
  34468ed13872fdebbfbdb29970ac83b7
- SHA1
  
  33b3107ab58ac701523e5b9c3e020d7eeb5591aa
- SHA256
  
  d405b115d0ad09642feba86a2bb090bcab367cd485208f12d24da85f6bc0e75c
- SHA512
  
  5d4b2e5ef6c25e6e5b6161b1b6b30241db33671e3c064fe8b418c7c574cd84c6e8d80f122d7ab89fde6e30c4bd8e0384ce5e8a444c431f6d023cee382ae7b548
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3F6:/7BSH8zUB+nGESaaRvoB7FJNndnA6
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2