0d6a6a75e7d15b9ca17082dbfe2fa6a321bb9b08963928d7bf07155ac814ecb2 | Triage

Sharing

General

Target

64bde517250cb578b11f339c51013ded_JaffaCakes118
Size

184KB
Sample

240521-zrad2sac25
MD5

64bde517250cb578b11f339c51013ded
SHA1

51090b7583df204306f12de1db735856ac2a23d7
SHA256

0d6a6a75e7d15b9ca17082dbfe2fa6a321bb9b08963928d7bf07155ac814ecb2
SHA512

16585e4565f419400ba7f1218e807115878507622f4ebff76fd5a1620e9352211d85c1d08780fb74e89ddfe545f9e6e7d64b539cedc98cf3db975d7d36e10fa3
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3S:/7BSH8zUB+nGESaaRvoB7FJNndnD

Score

8^/10

execution

Malware Config

Targets

- Target
  
  64bde517250cb578b11f339c51013ded_JaffaCakes118
- Size
  
  184KB
- MD5
  
  64bde517250cb578b11f339c51013ded
- SHA1
  
  51090b7583df204306f12de1db735856ac2a23d7
- SHA256
  
  0d6a6a75e7d15b9ca17082dbfe2fa6a321bb9b08963928d7bf07155ac814ecb2
- SHA512
  
  16585e4565f419400ba7f1218e807115878507622f4ebff76fd5a1620e9352211d85c1d08780fb74e89ddfe545f9e6e7d64b539cedc98cf3db975d7d36e10fa3
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3S:/7BSH8zUB+nGESaaRvoB7FJNndnD
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2