40045260648bd3cf36ee255a5e7f3d8f96862d31d2f5b881fcf5b5e9b94855ef | Triage

Sharing

General

Target

5ca6bae0eef6e6c8d8c0e7ce213bc113_JaffaCakes118
Size

184KB
Sample

240520-clwzjafd3w
MD5

5ca6bae0eef6e6c8d8c0e7ce213bc113
SHA1

5446fdcf8f3ba9da07e66aafeb3791ca59615ffe
SHA256

40045260648bd3cf36ee255a5e7f3d8f96862d31d2f5b881fcf5b5e9b94855ef
SHA512

85bb06c5385cdb8d31d9462d0f06d37b4ddbc7bd2ca9050197502568f4dd85a61a829c0abe13a5a650bd414c46a84b58911d973de29fccfecb0787c69b709e0b
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO376:/7BSH8zUB+nGESaaRvoB7FJNndn06

Score

8^/10

execution

Malware Config

Targets

- Target
  
  5ca6bae0eef6e6c8d8c0e7ce213bc113_JaffaCakes118
- Size
  
  184KB
- MD5
  
  5ca6bae0eef6e6c8d8c0e7ce213bc113
- SHA1
  
  5446fdcf8f3ba9da07e66aafeb3791ca59615ffe
- SHA256
  
  40045260648bd3cf36ee255a5e7f3d8f96862d31d2f5b881fcf5b5e9b94855ef
- SHA512
  
  85bb06c5385cdb8d31d9462d0f06d37b4ddbc7bd2ca9050197502568f4dd85a61a829c0abe13a5a650bd414c46a84b58911d973de29fccfecb0787c69b709e0b
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO376:/7BSH8zUB+nGESaaRvoB7FJNndn06
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2