2bbbc53c8bd879b848d3e723e682a5248768322fd7ce59c3afffb6095e30a1dc | Triage

Sharing

General

Target

6902fd9f1aa0e20831394672f4fd4751_JaffaCakes118
Size

184KB
Sample

240522-3jrvxadc6y
MD5

6902fd9f1aa0e20831394672f4fd4751
SHA1

f3b482af73602e2517f351224ed4d9e1ef605ee8
SHA256

2bbbc53c8bd879b848d3e723e682a5248768322fd7ce59c3afffb6095e30a1dc
SHA512

7cb68f3b2aeed97e4f364e68fd483d48475b598772262db9a67235d2c710abe31095c0bf9447f447bb10054b5e42d0b5c64be0b482ad200c2d4a524b1251b1c6
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3c:/7BSH8zUB+nGESaaRvoB7FJNndnJ

Score

8^/10

execution

Malware Config

Targets

- Target
  
  6902fd9f1aa0e20831394672f4fd4751_JaffaCakes118
- Size
  
  184KB
- MD5
  
  6902fd9f1aa0e20831394672f4fd4751
- SHA1
  
  f3b482af73602e2517f351224ed4d9e1ef605ee8
- SHA256
  
  2bbbc53c8bd879b848d3e723e682a5248768322fd7ce59c3afffb6095e30a1dc
- SHA512
  
  7cb68f3b2aeed97e4f364e68fd483d48475b598772262db9a67235d2c710abe31095c0bf9447f447bb10054b5e42d0b5c64be0b482ad200c2d4a524b1251b1c6
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3c:/7BSH8zUB+nGESaaRvoB7FJNndnJ
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2