73da7ffa3619e3e8afbc2334219f1bd4be18b4128d835e2dfa9db8e3a9e239f5 | Triage

Sharing

General

Target

5e56d42c27affc6c662d1d43b9b4ef1d_JaffaCakes118
Size

26KB
Sample

240520-ldf3sadc63
MD5

5e56d42c27affc6c662d1d43b9b4ef1d
SHA1

6ebf6ec3ec7df9003172d2f7d184e57bbeee4a83
SHA256

73da7ffa3619e3e8afbc2334219f1bd4be18b4128d835e2dfa9db8e3a9e239f5
SHA512

9cc9688e1ed5c6497360de986e9a5d9f4f6620d3318705b9d661f56761a5591da321ea569804915ef5844ddf01a1ed8cfd91e63f6d336b98c96ae9a5ecff3bc1
SSDEEP

768:1yAIcMTnXGPXGLP3yr0wpGOPar8WY6Abj+OkoSgCADADYfLBZrhDoPRw73sgI03L:9KTnXGfmP3ybpaEIxw8J0fYkJ

Score

8^/10

execution

Malware Config

Targets

- Target
  
  5e56d42c27affc6c662d1d43b9b4ef1d_JaffaCakes118
- Size
  
  26KB
- MD5
  
  5e56d42c27affc6c662d1d43b9b4ef1d
- SHA1
  
  6ebf6ec3ec7df9003172d2f7d184e57bbeee4a83
- SHA256
  
  73da7ffa3619e3e8afbc2334219f1bd4be18b4128d835e2dfa9db8e3a9e239f5
- SHA512
  
  9cc9688e1ed5c6497360de986e9a5d9f4f6620d3318705b9d661f56761a5591da321ea569804915ef5844ddf01a1ed8cfd91e63f6d336b98c96ae9a5ecff3bc1
- SSDEEP
  
  768:1yAIcMTnXGPXGLP3yr0wpGOPar8WY6Abj+OkoSgCADADYfLBZrhDoPRw73sgI03L:9KTnXGfmP3ybpaEIxw8J0fYkJ
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2