f8f223ecc842e99e7b1a30ac5f6688db165543ed45e42a17c35439ff25bb8888 | Triage

Sharing

General

Target

7fa72441493abf24c04b12c5ac7dbd56_JaffaCakes118
Size

184KB
Sample

240529-f9raqscb2s
MD5

7fa72441493abf24c04b12c5ac7dbd56
SHA1

a70d6874f2730ea2fd4efb20a402d5bcf6efcd06
SHA256

f8f223ecc842e99e7b1a30ac5f6688db165543ed45e42a17c35439ff25bb8888
SHA512

03a8f3b3da0512f06f030088d76327cad7aeb050dca105d2e60160a0a8db6c21a0652b2725c30c180b5bf4a035c21f13daee9ab246c88b154d2b1386d79684b6
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3qN:/7BSH8zUB+nGESaaRvoB7FJNndn/N

Score

8^/10

execution

Malware Config

Targets

- Target
  
  7fa72441493abf24c04b12c5ac7dbd56_JaffaCakes118
- Size
  
  184KB
- MD5
  
  7fa72441493abf24c04b12c5ac7dbd56
- SHA1
  
  a70d6874f2730ea2fd4efb20a402d5bcf6efcd06
- SHA256
  
  f8f223ecc842e99e7b1a30ac5f6688db165543ed45e42a17c35439ff25bb8888
- SHA512
  
  03a8f3b3da0512f06f030088d76327cad7aeb050dca105d2e60160a0a8db6c21a0652b2725c30c180b5bf4a035c21f13daee9ab246c88b154d2b1386d79684b6
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3qN:/7BSH8zUB+nGESaaRvoB7FJNndn/N
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2