4f1329c3b6796ec2a91a405986dd30b27eca30c2ec1b51377f959e0ddee962d2 | Triage

Sharing

General

Target

6a6e1755dba61fdaa7a4b5de4325d452_JaffaCakes118
Size

184KB
Sample

240523-k2ezysbe6v
MD5

6a6e1755dba61fdaa7a4b5de4325d452
SHA1

028b00c2fb1f42c076bfbe0492fa270b91f11529
SHA256

4f1329c3b6796ec2a91a405986dd30b27eca30c2ec1b51377f959e0ddee962d2
SHA512

bc183ad099863232363c2f310b6fda7b97367ac85f65aa0330b4eee96c2f403bda1225497de49d6ced5065e4741a8c846107dcb964a126d3838ca22acb6dd0a5
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO32:/7BSH8zUB+nGESaaRvoB7FJNndnH

Score

8^/10

execution

Malware Config

Targets

- Target
  
  6a6e1755dba61fdaa7a4b5de4325d452_JaffaCakes118
- Size
  
  184KB
- MD5
  
  6a6e1755dba61fdaa7a4b5de4325d452
- SHA1
  
  028b00c2fb1f42c076bfbe0492fa270b91f11529
- SHA256
  
  4f1329c3b6796ec2a91a405986dd30b27eca30c2ec1b51377f959e0ddee962d2
- SHA512
  
  bc183ad099863232363c2f310b6fda7b97367ac85f65aa0330b4eee96c2f403bda1225497de49d6ced5065e4741a8c846107dcb964a126d3838ca22acb6dd0a5
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO32:/7BSH8zUB+nGESaaRvoB7FJNndnH
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2