8e9046498cbe2b8fbe9959d9a19963cff531e4e27dfd0a3e0659a306d66b99db | Triage

Sharing

General

Target

836d6d4602dbdaa635593ac97ee5c597_JaffaCakes118
Size

184KB
Sample

240530-h721kabf37
MD5

836d6d4602dbdaa635593ac97ee5c597
SHA1

ce9e9d15178807eaee7ee81f002a8d7b0d76994b
SHA256

8e9046498cbe2b8fbe9959d9a19963cff531e4e27dfd0a3e0659a306d66b99db
SHA512

c79626c51b3eaf6da297100fe7c6aa04f09ba28957681c2ab2b16c670e0c02a9f315ba4ecd2124040c4b159bc1a7c200f5bf7346be6626e2e036d74575e92563
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3S:/7BSH8zUB+nGESaaRvoB7FJNndnL

Score

8^/10

execution

Malware Config

Targets

- Target
  
  836d6d4602dbdaa635593ac97ee5c597_JaffaCakes118
- Size
  
  184KB
- MD5
  
  836d6d4602dbdaa635593ac97ee5c597
- SHA1
  
  ce9e9d15178807eaee7ee81f002a8d7b0d76994b
- SHA256
  
  8e9046498cbe2b8fbe9959d9a19963cff531e4e27dfd0a3e0659a306d66b99db
- SHA512
  
  c79626c51b3eaf6da297100fe7c6aa04f09ba28957681c2ab2b16c670e0c02a9f315ba4ecd2124040c4b159bc1a7c200f5bf7346be6626e2e036d74575e92563
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3S:/7BSH8zUB+nGESaaRvoB7FJNndnL
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2