43c8fbb029832e8a6fb3a2388734a8c437d8a0ae9d94610861a00b8416dbe5d1 | Triage

Sharing

General

Target

34801221c637f0041d719f3895f4c1f5_JaffaCakes118
Size

184KB
Sample

240511-n9rv9sfb9w
MD5

34801221c637f0041d719f3895f4c1f5
SHA1

b6e54032b6ff5a60bdf1e68fd8a939f8c848db2e
SHA256

43c8fbb029832e8a6fb3a2388734a8c437d8a0ae9d94610861a00b8416dbe5d1
SHA512

04b3d309e387d9f3c5d45051272b9ab616b48cb18409107e5db74a8dd44817297e8c2e3e24d4f0599933b9a21a6701a91f20c32a0569bf28d5f320f63de2697e
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3M:/7BSH8zUB+nGESaaRvoB7FJNndnl

Score

8^/10

execution

Malware Config

Targets

- Target
  
  34801221c637f0041d719f3895f4c1f5_JaffaCakes118
- Size
  
  184KB
- MD5
  
  34801221c637f0041d719f3895f4c1f5
- SHA1
  
  b6e54032b6ff5a60bdf1e68fd8a939f8c848db2e
- SHA256
  
  43c8fbb029832e8a6fb3a2388734a8c437d8a0ae9d94610861a00b8416dbe5d1
- SHA512
  
  04b3d309e387d9f3c5d45051272b9ab616b48cb18409107e5db74a8dd44817297e8c2e3e24d4f0599933b9a21a6701a91f20c32a0569bf28d5f320f63de2697e
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3M:/7BSH8zUB+nGESaaRvoB7FJNndnl
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2