b1259cea0ef0e09d82215cc2b8443d819d842fbd56f3811f35fff5814741a798 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78215eceb98516b5afc15acdb905d18d_JaffaCakes118
Size

184KB
Sample

240527-gpgfgaad2w
MD5

78215eceb98516b5afc15acdb905d18d
SHA1

6e1f977c205d1c26392304eaba0434ce01ebfd1e
SHA256

b1259cea0ef0e09d82215cc2b8443d819d842fbd56f3811f35fff5814741a798
SHA512

34be83aa776d519e4b1dbb02b8e8f08e6743520400959263622da7f281eb7df26336250b7e8cdb7f45d631dddc7fbe71cc42d8c9f243d6857239e512b80ea3e3
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3k:/7BSH8zUB+nGESaaRvoB7FJNndnx

Score

8^/10

execution

Malware Config

Targets

- Target
  
  78215eceb98516b5afc15acdb905d18d_JaffaCakes118
- Size
  
  184KB
- MD5
  
  78215eceb98516b5afc15acdb905d18d
- SHA1
  
  6e1f977c205d1c26392304eaba0434ce01ebfd1e
- SHA256
  
  b1259cea0ef0e09d82215cc2b8443d819d842fbd56f3811f35fff5814741a798
- SHA512
  
  34be83aa776d519e4b1dbb02b8e8f08e6743520400959263622da7f281eb7df26336250b7e8cdb7f45d631dddc7fbe71cc42d8c9f243d6857239e512b80ea3e3
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3k:/7BSH8zUB+nGESaaRvoB7FJNndnx
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2