5b6412e0de7fe5473b6bbe51f91cf84497d5516d3a5d717e3b3700b60167fe8e | Triage

Sharing

General

Target

4447f1352c2ceaa7bdfdf8df7a5ec30c_JaffaCakes118
Size

184KB
Sample

240515-dkwg2sec2y
MD5

4447f1352c2ceaa7bdfdf8df7a5ec30c
SHA1

46721f2810edc1477d076a2fceae717f56f6d22d
SHA256

5b6412e0de7fe5473b6bbe51f91cf84497d5516d3a5d717e3b3700b60167fe8e
SHA512

21a2e19dc6e40c4b606c61002ff9de1521ee52cbd0efc736771e3d3512182e20b7f5408c27cf5e1a8ee59f05c974028805e07eea4c7a98df70354008e7cb292a
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3k:/7BSH8zUB+nGESaaRvoB7FJNndnl

Score

8^/10

execution

Malware Config

Targets

- Target
  
  4447f1352c2ceaa7bdfdf8df7a5ec30c_JaffaCakes118
- Size
  
  184KB
- MD5
  
  4447f1352c2ceaa7bdfdf8df7a5ec30c
- SHA1
  
  46721f2810edc1477d076a2fceae717f56f6d22d
- SHA256
  
  5b6412e0de7fe5473b6bbe51f91cf84497d5516d3a5d717e3b3700b60167fe8e
- SHA512
  
  21a2e19dc6e40c4b606c61002ff9de1521ee52cbd0efc736771e3d3512182e20b7f5408c27cf5e1a8ee59f05c974028805e07eea4c7a98df70354008e7cb292a
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3k:/7BSH8zUB+nGESaaRvoB7FJNndnl
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2