3edd6d1905f23a23f66fd4d8e3843faad61d0c152e6ff960e937ac566413c587 | Triage

Sharing

General

Target

641235502e39b5c559e8b91491375fb8_JaffaCakes118
Size

184KB
Sample

240521-vk2shacd49
MD5

641235502e39b5c559e8b91491375fb8
SHA1

b2ac41b36f923ab83d31ba7e77a9b859745f362d
SHA256

3edd6d1905f23a23f66fd4d8e3843faad61d0c152e6ff960e937ac566413c587
SHA512

343f98237a959de80bf53820a84c0ffb17295f2328096016f9000e009d42eecb97847bab200e6a8472d7ec4bf8d5a417b461936f483abca8296efab35e967995
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3C:/7BSH8zUB+nGESaaRvoB7FJNndnn

Score

8^/10

execution

Malware Config

Targets

- Target
  
  641235502e39b5c559e8b91491375fb8_JaffaCakes118
- Size
  
  184KB
- MD5
  
  641235502e39b5c559e8b91491375fb8
- SHA1
  
  b2ac41b36f923ab83d31ba7e77a9b859745f362d
- SHA256
  
  3edd6d1905f23a23f66fd4d8e3843faad61d0c152e6ff960e937ac566413c587
- SHA512
  
  343f98237a959de80bf53820a84c0ffb17295f2328096016f9000e009d42eecb97847bab200e6a8472d7ec4bf8d5a417b461936f483abca8296efab35e967995
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3C:/7BSH8zUB+nGESaaRvoB7FJNndnn
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2