23204f22b431df29513e569c6dfead315810076bb4ac0a2e0f4ced0def2a0f6c | Triage

Sharing

General

Target

431e5d9b5d0f421a974523a22c6c3d16_JaffaCakes118
Size

184KB
Sample

240514-z6ex3she67
MD5

431e5d9b5d0f421a974523a22c6c3d16
SHA1

e681cce7839254932b4b845dc51b4a69c120360c
SHA256

23204f22b431df29513e569c6dfead315810076bb4ac0a2e0f4ced0def2a0f6c
SHA512

0aa768296346e0686cf88468d8bd7838bc7d2b993245d1d133e377a86c75ca0c46c444f9b4bcd6b0df71db056bc26b10e52d84335d2cfd9d1ca23fda78fd86c5
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3O:/7BSH8zUB+nGESaaRvoB7FJNndnr

Score

8^/10

execution

Malware Config

Targets

- Target
  
  431e5d9b5d0f421a974523a22c6c3d16_JaffaCakes118
- Size
  
  184KB
- MD5
  
  431e5d9b5d0f421a974523a22c6c3d16
- SHA1
  
  e681cce7839254932b4b845dc51b4a69c120360c
- SHA256
  
  23204f22b431df29513e569c6dfead315810076bb4ac0a2e0f4ced0def2a0f6c
- SHA512
  
  0aa768296346e0686cf88468d8bd7838bc7d2b993245d1d133e377a86c75ca0c46c444f9b4bcd6b0df71db056bc26b10e52d84335d2cfd9d1ca23fda78fd86c5
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3O:/7BSH8zUB+nGESaaRvoB7FJNndnr
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2