68121854fc566f7f4022fec329f3ba9e01e28483cd834beed404a83e3c6af50f | Triage

Sharing

General

Target

639ac6b08313d470e3874bf5f87c7b12_JaffaCakes118
Size

184KB
Sample

240521-rqz93sha37
MD5

639ac6b08313d470e3874bf5f87c7b12
SHA1

e9845679e2e71488a72849a9697ed51f8cba6aa4
SHA256

68121854fc566f7f4022fec329f3ba9e01e28483cd834beed404a83e3c6af50f
SHA512

e0d005606eee7469f33a4b132d14854578d94f8585d4ae58633c61c3fb681e9d70b370e0f62371060d3677942cb11743f4ff685ec8c16ec2d725d92b1a09f60f
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3X0:/7BSH8zUB+nGESaaRvoB7FJNndnd

Score

8^/10

execution

Malware Config

Targets

- Target
  
  639ac6b08313d470e3874bf5f87c7b12_JaffaCakes118
- Size
  
  184KB
- MD5
  
  639ac6b08313d470e3874bf5f87c7b12
- SHA1
  
  e9845679e2e71488a72849a9697ed51f8cba6aa4
- SHA256
  
  68121854fc566f7f4022fec329f3ba9e01e28483cd834beed404a83e3c6af50f
- SHA512
  
  e0d005606eee7469f33a4b132d14854578d94f8585d4ae58633c61c3fb681e9d70b370e0f62371060d3677942cb11743f4ff685ec8c16ec2d725d92b1a09f60f
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3X0:/7BSH8zUB+nGESaaRvoB7FJNndnd
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2