c55a314349740617d1e831d1d8cc1ae72ab36b1c5e16a757bbaaabe4393c5939 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

357dca8021813241d47b5c11abb02119_JaffaCakes118
Size

184KB
Sample

240511-tw4wkaab59
MD5

357dca8021813241d47b5c11abb02119
SHA1

49f565e25fea8583fc637c9e1e5dff63a3daed5b
SHA256

c55a314349740617d1e831d1d8cc1ae72ab36b1c5e16a757bbaaabe4393c5939
SHA512

6f0aed820baae316eead84f7e7e58d38dc9c7c235f94697442559c9177d7ee58937f15c4cc10d7a200b05a68ff9fdd1212573e3ef8f305f00168343457978661
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3V:/7BSH8zUB+nGESaaRvoB7FJNndn0

Score

8^/10

execution

Malware Config

Targets

- Target
  
  357dca8021813241d47b5c11abb02119_JaffaCakes118
- Size
  
  184KB
- MD5
  
  357dca8021813241d47b5c11abb02119
- SHA1
  
  49f565e25fea8583fc637c9e1e5dff63a3daed5b
- SHA256
  
  c55a314349740617d1e831d1d8cc1ae72ab36b1c5e16a757bbaaabe4393c5939
- SHA512
  
  6f0aed820baae316eead84f7e7e58d38dc9c7c235f94697442559c9177d7ee58937f15c4cc10d7a200b05a68ff9fdd1212573e3ef8f305f00168343457978661
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3V:/7BSH8zUB+nGESaaRvoB7FJNndn0
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2