04ad32b36fbe766ea2d74ec3d5161fafe9eb80e316423f53d6309a0e7cb29c32 | Triage

Sharing

General

Target

349d7020910ce946634a3ccebbac3337_JaffaCakes118
Size

184KB
Sample

240511-psvfhagb6w
MD5

349d7020910ce946634a3ccebbac3337
SHA1

4f5e35fb2aeafcf7490c058dd64a1271c747c6f6
SHA256

04ad32b36fbe766ea2d74ec3d5161fafe9eb80e316423f53d6309a0e7cb29c32
SHA512

45cbd79933732a73a95d7e994a57d5860a6f00f05631394f59a32a0721ffae1d3ac6d83aa9df288926434e76d19d426faadc97d3f402cd7879f48f6d3edef6e9
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3j1:/7BSH8zUB+nGESaaRvoB7FJNndnQ

Score

8^/10

execution

Malware Config

Targets

- Target
  
  349d7020910ce946634a3ccebbac3337_JaffaCakes118
- Size
  
  184KB
- MD5
  
  349d7020910ce946634a3ccebbac3337
- SHA1
  
  4f5e35fb2aeafcf7490c058dd64a1271c747c6f6
- SHA256
  
  04ad32b36fbe766ea2d74ec3d5161fafe9eb80e316423f53d6309a0e7cb29c32
- SHA512
  
  45cbd79933732a73a95d7e994a57d5860a6f00f05631394f59a32a0721ffae1d3ac6d83aa9df288926434e76d19d426faadc97d3f402cd7879f48f6d3edef6e9
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3j1:/7BSH8zUB+nGESaaRvoB7FJNndnQ
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2