28a21448d2c149184f9e11a3d674eb0d0ce49dc0e2fd63182da2d0aff0be05ad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

387d731a37f6ce86ea1b7e3507edacd5_JaffaCakes118
Size

9.9MB
Sample

240512-f59lhsag4v
MD5

387d731a37f6ce86ea1b7e3507edacd5
SHA1

34a8fe589b8cd90b8f2d7bb6245f4085a742d6e8
SHA256

28a21448d2c149184f9e11a3d674eb0d0ce49dc0e2fd63182da2d0aff0be05ad
SHA512

a6ca16244fdddfa58f37237571afaa4c5abc51d625f27a505256d2137bbf40036f32e30a89bdd7f8a75158e66a5b0abd22a5b380369f00f991eee5ace5039a8b
SSDEEP

196608:O5aFmOjdHFsiKRp8Q0XCEfiuvgxYIdpXcPEY6IR89i2B0vXMeBBjpqj8+19u/3j:O5at3Q0yyp3nFG9iUDzu/z

Score

8^/10

execution

Malware Config

Targets

- Target
  
  387d731a37f6ce86ea1b7e3507edacd5_JaffaCakes118
- Size
  
  9.9MB
- MD5
  
  387d731a37f6ce86ea1b7e3507edacd5
- SHA1
  
  34a8fe589b8cd90b8f2d7bb6245f4085a742d6e8
- SHA256
  
  28a21448d2c149184f9e11a3d674eb0d0ce49dc0e2fd63182da2d0aff0be05ad
- SHA512
  
  a6ca16244fdddfa58f37237571afaa4c5abc51d625f27a505256d2137bbf40036f32e30a89bdd7f8a75158e66a5b0abd22a5b380369f00f991eee5ace5039a8b
- SSDEEP
  
  196608:O5aFmOjdHFsiKRp8Q0XCEfiuvgxYIdpXcPEY6IR89i2B0vXMeBBjpqj8+19u/3j:O5at3Q0yyp3nFG9iUDzu/z
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2