59548d67dc5f3e4a3463f0ddaa740361c81012204f9515a3742f0b6795c59c75 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ffb1bc2d34f14cfaa56ac004bc46dad_JaffaCakes118
Size

184KB
Sample

240513-r2fd2sae71
MD5

3ffb1bc2d34f14cfaa56ac004bc46dad
SHA1

239ae4d5e99cbc464a482be1e713d3cd24180707
SHA256

59548d67dc5f3e4a3463f0ddaa740361c81012204f9515a3742f0b6795c59c75
SHA512

5421b2777fe5958f227ccb52df52f506b608a5a38a553c676de980330fa9e56688dd79fc2affff49698e41e434fa8e3506a6f5ad97d0f4d52b8d03e0664b8d2c
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3M:/7BSH8zUB+nGESaaRvoB7FJNndnF

Score

8^/10

execution

Malware Config

Targets

- Target
  
  3ffb1bc2d34f14cfaa56ac004bc46dad_JaffaCakes118
- Size
  
  184KB
- MD5
  
  3ffb1bc2d34f14cfaa56ac004bc46dad
- SHA1
  
  239ae4d5e99cbc464a482be1e713d3cd24180707
- SHA256
  
  59548d67dc5f3e4a3463f0ddaa740361c81012204f9515a3742f0b6795c59c75
- SHA512
  
  5421b2777fe5958f227ccb52df52f506b608a5a38a553c676de980330fa9e56688dd79fc2affff49698e41e434fa8e3506a6f5ad97d0f4d52b8d03e0664b8d2c
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3M:/7BSH8zUB+nGESaaRvoB7FJNndnF
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2