8911e48642be51519e3b2b925bde311991243e2bd86db188c2383144976edb65 | Triage

Sharing

General

Target

7ed6d287ee600fe99d7910a33712ec43_JaffaCakes118
Size

184KB
Sample

240528-3ysezshf9w
MD5

7ed6d287ee600fe99d7910a33712ec43
SHA1

5fc6cdf02e9386087826caf2974440427953ed57
SHA256

8911e48642be51519e3b2b925bde311991243e2bd86db188c2383144976edb65
SHA512

bbbec6e7bdc44db2331fcdeaaa7ae0d46e54a4f66e2e9c691a5a7b2ed6558bc1936ae15254265e976384e4fd3b55814b38d23c09db8b78e1c6f91a67fb7a2c3a
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3D:/7BSH8zUB+nGESaaRvoB7FJNndnK

Score

8^/10

execution

Malware Config

Targets

- Target
  
  7ed6d287ee600fe99d7910a33712ec43_JaffaCakes118
- Size
  
  184KB
- MD5
  
  7ed6d287ee600fe99d7910a33712ec43
- SHA1
  
  5fc6cdf02e9386087826caf2974440427953ed57
- SHA256
  
  8911e48642be51519e3b2b925bde311991243e2bd86db188c2383144976edb65
- SHA512
  
  bbbec6e7bdc44db2331fcdeaaa7ae0d46e54a4f66e2e9c691a5a7b2ed6558bc1936ae15254265e976384e4fd3b55814b38d23c09db8b78e1c6f91a67fb7a2c3a
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3D:/7BSH8zUB+nGESaaRvoB7FJNndnK
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2