866daca65fcfe6d7f4ea7b75c993e336381f366479ff26f754185205c6903002 | Triage

Sharing

General

Target

8918ad1f0dabbd69f21f1e73a20d4cdb_JaffaCakes118
Size

184KB
Sample

240601-crp36sfb89
MD5

8918ad1f0dabbd69f21f1e73a20d4cdb
SHA1

3293d72b7dee5e7b8919355cb0dca483bc5e8bf8
SHA256

866daca65fcfe6d7f4ea7b75c993e336381f366479ff26f754185205c6903002
SHA512

bf50b212dbe70bbc2e544e1714518c647d84bf2b76301b1a924e686af6e792c0d977206480f09c46ed2bbedc0a9abd32e4d38800268e8e33b4d8a78c6142de3c
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3O:/7BSH8zUB+nGESaaRvoB7FJNndnL

Score

8^/10

execution

Malware Config

Targets

- Target
  
  8918ad1f0dabbd69f21f1e73a20d4cdb_JaffaCakes118
- Size
  
  184KB
- MD5
  
  8918ad1f0dabbd69f21f1e73a20d4cdb
- SHA1
  
  3293d72b7dee5e7b8919355cb0dca483bc5e8bf8
- SHA256
  
  866daca65fcfe6d7f4ea7b75c993e336381f366479ff26f754185205c6903002
- SHA512
  
  bf50b212dbe70bbc2e544e1714518c647d84bf2b76301b1a924e686af6e792c0d977206480f09c46ed2bbedc0a9abd32e4d38800268e8e33b4d8a78c6142de3c
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3O:/7BSH8zUB+nGESaaRvoB7FJNndnL
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2