38513d73783a36e751394b85e5db7d68b2dd1e4fa464b9dfacfbd795d40e3861 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6565cea6c2c574213b0e72068e09dd61_JaffaCakes118
Size

184KB
Sample

240522-a3klqafa62
MD5

6565cea6c2c574213b0e72068e09dd61
SHA1

3f5fe8b408f386c56ae05659955516028a4cf3db
SHA256

38513d73783a36e751394b85e5db7d68b2dd1e4fa464b9dfacfbd795d40e3861
SHA512

29ef22381e24eb18386c34a17e323235fb086c5f17583ffd5c623f1970b950f1cd8bf0834f71adb9606a7c634015cf3e62cd5d4e4bf5cad2f24473f60ca2fb3e
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO391:/7BSH8zUB+nGESaaRvoB7FJNndny1

Score

8^/10

execution

Malware Config

Targets

- Target
  
  6565cea6c2c574213b0e72068e09dd61_JaffaCakes118
- Size
  
  184KB
- MD5
  
  6565cea6c2c574213b0e72068e09dd61
- SHA1
  
  3f5fe8b408f386c56ae05659955516028a4cf3db
- SHA256
  
  38513d73783a36e751394b85e5db7d68b2dd1e4fa464b9dfacfbd795d40e3861
- SHA512
  
  29ef22381e24eb18386c34a17e323235fb086c5f17583ffd5c623f1970b950f1cd8bf0834f71adb9606a7c634015cf3e62cd5d4e4bf5cad2f24473f60ca2fb3e
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO391:/7BSH8zUB+nGESaaRvoB7FJNndny1
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2