89e9d53f8ca18e358ced05ade7eb22d123764725f848717ce437b397452e3804 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

422570c548493e9b153db64190a9c1e2_JaffaCakes118
Size

184KB
Sample

240514-tva7vsee69
MD5

422570c548493e9b153db64190a9c1e2
SHA1

8b9344ff0c85f4876a18bd6c8ab1c66a6120f33e
SHA256

89e9d53f8ca18e358ced05ade7eb22d123764725f848717ce437b397452e3804
SHA512

51593bffbd28c7e46572cb3176097481db1b8d2242e6c974099559c57b34a7bacd42b22c9cee17b556034ac1e0c9c10d07480faa64c2b947cb58b54a672ee2fe
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3pA:/7BSH8zUB+nGESaaRvoB7FJNndnr

Score

8^/10

execution

Malware Config

Targets

- Target
  
  422570c548493e9b153db64190a9c1e2_JaffaCakes118
- Size
  
  184KB
- MD5
  
  422570c548493e9b153db64190a9c1e2
- SHA1
  
  8b9344ff0c85f4876a18bd6c8ab1c66a6120f33e
- SHA256
  
  89e9d53f8ca18e358ced05ade7eb22d123764725f848717ce437b397452e3804
- SHA512
  
  51593bffbd28c7e46572cb3176097481db1b8d2242e6c974099559c57b34a7bacd42b22c9cee17b556034ac1e0c9c10d07480faa64c2b947cb58b54a672ee2fe
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3pA:/7BSH8zUB+nGESaaRvoB7FJNndnr
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2