d80c66b4b62e1e77cada767f2c7b1cc159659a73cea884cdff69af84cd0d6750 | Triage

Sharing

General

Target

4cf7dc16decd137a2727f84984cf7fe7_JaffaCakes118
Size

184KB
Sample

240516-zr1k8sga62
MD5

4cf7dc16decd137a2727f84984cf7fe7
SHA1

fa8d6b57fe0a6d2491d8304847f57abd01f59a9f
SHA256

d80c66b4b62e1e77cada767f2c7b1cc159659a73cea884cdff69af84cd0d6750
SHA512

93c15bea03b4eb99a28fa31c8f3c75c0ab63133008ec57289c46c01a96489cc5118b0b662ac6eb9cabf4ae011f41f1851529910bb5af6c58630dd6ff8ebc1e10
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3T:/7BSH8zUB+nGESaaRvoB7FJNndne

Score

8^/10

execution

Malware Config

Targets

- Target
  
  4cf7dc16decd137a2727f84984cf7fe7_JaffaCakes118
- Size
  
  184KB
- MD5
  
  4cf7dc16decd137a2727f84984cf7fe7
- SHA1
  
  fa8d6b57fe0a6d2491d8304847f57abd01f59a9f
- SHA256
  
  d80c66b4b62e1e77cada767f2c7b1cc159659a73cea884cdff69af84cd0d6750
- SHA512
  
  93c15bea03b4eb99a28fa31c8f3c75c0ab63133008ec57289c46c01a96489cc5118b0b662ac6eb9cabf4ae011f41f1851529910bb5af6c58630dd6ff8ebc1e10
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3T:/7BSH8zUB+nGESaaRvoB7FJNndne
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2