525a6eec68dee499c5b10471a43c258b655f9b1ad806f177814d2ec717641ec8 | Triage

Sharing

General

Target

427e4f71aea2a7dae54914dd87754096_JaffaCakes118
Size

184KB
Sample

240514-w4chdsaf58
MD5

427e4f71aea2a7dae54914dd87754096
SHA1

8691dc37e47c79c8a670251e3753b0262506054d
SHA256

525a6eec68dee499c5b10471a43c258b655f9b1ad806f177814d2ec717641ec8
SHA512

8ca4b2de6f49346c65721e0c7195bdd73f48bac045c77636c4c62f33adec89219777db995ec9bd2d9ee513d216c69cb5c95de621946aadac0fc426c61c854a4f
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO36:/7BSH8zUB+nGESaaRvoB7FJNndnz

Score

8^/10

execution

Malware Config

Targets

- Target
  
  427e4f71aea2a7dae54914dd87754096_JaffaCakes118
- Size
  
  184KB
- MD5
  
  427e4f71aea2a7dae54914dd87754096
- SHA1
  
  8691dc37e47c79c8a670251e3753b0262506054d
- SHA256
  
  525a6eec68dee499c5b10471a43c258b655f9b1ad806f177814d2ec717641ec8
- SHA512
  
  8ca4b2de6f49346c65721e0c7195bdd73f48bac045c77636c4c62f33adec89219777db995ec9bd2d9ee513d216c69cb5c95de621946aadac0fc426c61c854a4f
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO36:/7BSH8zUB+nGESaaRvoB7FJNndnz
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2