91a34986c15dc37ac33b15e677f21940d992cf2c31b5af85d9ead18b251ef8a0 | Triage

Sharing

General

Target

8695849edc287a9761aea3bab6a6feb1_JaffaCakes118
Size

184KB
Sample

240531-lvjv1aee87
MD5

8695849edc287a9761aea3bab6a6feb1
SHA1

83bab866fb8ad5bc85e3024133799ff6d45add46
SHA256

91a34986c15dc37ac33b15e677f21940d992cf2c31b5af85d9ead18b251ef8a0
SHA512

ddb6ccf813f7d7a7f888417569c3fe5e4953ba832b1581231c5016062859292fe4d7c3faf9d98dd0c8987fe2c43c45501c7740ff80404b21d4286cafe30479b2
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3r:/7BSH8zUB+nGESaaRvoB7FJNndnO

Score

8^/10

execution

Malware Config

Targets

- Target
  
  8695849edc287a9761aea3bab6a6feb1_JaffaCakes118
- Size
  
  184KB
- MD5
  
  8695849edc287a9761aea3bab6a6feb1
- SHA1
  
  83bab866fb8ad5bc85e3024133799ff6d45add46
- SHA256
  
  91a34986c15dc37ac33b15e677f21940d992cf2c31b5af85d9ead18b251ef8a0
- SHA512
  
  ddb6ccf813f7d7a7f888417569c3fe5e4953ba832b1581231c5016062859292fe4d7c3faf9d98dd0c8987fe2c43c45501c7740ff80404b21d4286cafe30479b2
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3r:/7BSH8zUB+nGESaaRvoB7FJNndnO
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2