8764fefec0180fcfba6fd55db98c4c0d49335584a085b80ae720964c6ed95091 | Triage

Sharing

General

Target

63d263a67f3439124dc0b15f5dc36af5_JaffaCakes118
Size

184KB
Sample

240521-s36hasaf56
MD5

63d263a67f3439124dc0b15f5dc36af5
SHA1

f3aaff07c0108e4992fc627e69ef096dca97f392
SHA256

8764fefec0180fcfba6fd55db98c4c0d49335584a085b80ae720964c6ed95091
SHA512

bd9bf55e5746eef9de706de56f1deb22d897ee1bb2d7fc9effd6acb005600e2ed7bbef50f77a2e44a0a47c97897ac25c4faff901206f29bb4a20cbf0b5a85bef
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3i:/7BSH8zUB+nGESaaRvoB7FJNndnf

Score

8^/10

execution

Malware Config

Targets

- Target
  
  63d263a67f3439124dc0b15f5dc36af5_JaffaCakes118
- Size
  
  184KB
- MD5
  
  63d263a67f3439124dc0b15f5dc36af5
- SHA1
  
  f3aaff07c0108e4992fc627e69ef096dca97f392
- SHA256
  
  8764fefec0180fcfba6fd55db98c4c0d49335584a085b80ae720964c6ed95091
- SHA512
  
  bd9bf55e5746eef9de706de56f1deb22d897ee1bb2d7fc9effd6acb005600e2ed7bbef50f77a2e44a0a47c97897ac25c4faff901206f29bb4a20cbf0b5a85bef
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3i:/7BSH8zUB+nGESaaRvoB7FJNndnf
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2