0ed278adc9197c82ea5e2818b2c594c5319b48477b4b31013b62a8f2f40e4532 | Triage

Sharing

General

Target

454472490921081bf9510d4c445de56b_JaffaCakes118
Size

184KB
Sample

240515-j422tsgf41
MD5

454472490921081bf9510d4c445de56b
SHA1

f7e0de4544ff85b3e205043d0cd0eeba52f853bf
SHA256

0ed278adc9197c82ea5e2818b2c594c5319b48477b4b31013b62a8f2f40e4532
SHA512

f43f16b238187a67d789b3da0b24c243b80a6148f943454b4c9d694b7f474bdac0eb7dd7e10a41026fea1b1e995ed1b99bba92945201831dfed934046de1151e
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3Q:/7BSH8zUB+nGESaaRvoB7FJNndn5

Score

8^/10

execution

Malware Config

Targets

- Target
  
  454472490921081bf9510d4c445de56b_JaffaCakes118
- Size
  
  184KB
- MD5
  
  454472490921081bf9510d4c445de56b
- SHA1
  
  f7e0de4544ff85b3e205043d0cd0eeba52f853bf
- SHA256
  
  0ed278adc9197c82ea5e2818b2c594c5319b48477b4b31013b62a8f2f40e4532
- SHA512
  
  f43f16b238187a67d789b3da0b24c243b80a6148f943454b4c9d694b7f474bdac0eb7dd7e10a41026fea1b1e995ed1b99bba92945201831dfed934046de1151e
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3Q:/7BSH8zUB+nGESaaRvoB7FJNndn5
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2