4784ff01183395cbbca37f078ac6f90d8752249e3bb857f473281992ec7255df | Triage

Sharing

General

Target

5cff4f625c4a6f08070aba6f90c252ec_JaffaCakes118
Size

184KB
Sample

240520-d8m6ksaa37
MD5

5cff4f625c4a6f08070aba6f90c252ec
SHA1

0ab4e94b25900771194c6b1ace7faee7e6533428
SHA256

4784ff01183395cbbca37f078ac6f90d8752249e3bb857f473281992ec7255df
SHA512

054ef1a7742fc33fdedd478c320a477f4f92607e43ffc9727a22fc781851fbc4a3ab838872ec6e21d7173afcaba9fa93c05d0eeab67d7cae4b4c51009851ca8d
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO35r:/7BSH8zUB+nGESaaRvoB7FJNndnir

Score

8^/10

execution

Malware Config

Targets

- Target
  
  5cff4f625c4a6f08070aba6f90c252ec_JaffaCakes118
- Size
  
  184KB
- MD5
  
  5cff4f625c4a6f08070aba6f90c252ec
- SHA1
  
  0ab4e94b25900771194c6b1ace7faee7e6533428
- SHA256
  
  4784ff01183395cbbca37f078ac6f90d8752249e3bb857f473281992ec7255df
- SHA512
  
  054ef1a7742fc33fdedd478c320a477f4f92607e43ffc9727a22fc781851fbc4a3ab838872ec6e21d7173afcaba9fa93c05d0eeab67d7cae4b4c51009851ca8d
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO35r:/7BSH8zUB+nGESaaRvoB7FJNndnir
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2