71d6c1285130edad37a173dec053d3a8a8c5a97548cf736b2bef923564bfcf46 | Triage

Sharing

General

Target

5cd9b3ad2ea8a0b21266481167f603a1_JaffaCakes118
Size

184KB
Sample

240520-dh66rsgf59
MD5

5cd9b3ad2ea8a0b21266481167f603a1
SHA1

5ec589da3d617e7fbef95b30d28bf876f65f8678
SHA256

71d6c1285130edad37a173dec053d3a8a8c5a97548cf736b2bef923564bfcf46
SHA512

1996f251d926e09b10bebcdb0318c25cd1d754ddd352e4837d2e69c6f9b84113b79ea5975c0accfede65f9d8f604df189ee52c7216baffe8de668ad45638ee94
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO34:/7BSH8zUB+nGESaaRvoB7FJNndnt

Score

8^/10

execution

Malware Config

Targets

- Target
  
  5cd9b3ad2ea8a0b21266481167f603a1_JaffaCakes118
- Size
  
  184KB
- MD5
  
  5cd9b3ad2ea8a0b21266481167f603a1
- SHA1
  
  5ec589da3d617e7fbef95b30d28bf876f65f8678
- SHA256
  
  71d6c1285130edad37a173dec053d3a8a8c5a97548cf736b2bef923564bfcf46
- SHA512
  
  1996f251d926e09b10bebcdb0318c25cd1d754ddd352e4837d2e69c6f9b84113b79ea5975c0accfede65f9d8f604df189ee52c7216baffe8de668ad45638ee94
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO34:/7BSH8zUB+nGESaaRvoB7FJNndnt
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2