d78fc405a74a654740ebe04fba3925c44f7c8432bb767663960ff9919023abbc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89a90d9bbe901329ea4e7a71de114ee3_JaffaCakes118
Size

184KB
Sample

240601-hljl4adh54
MD5

89a90d9bbe901329ea4e7a71de114ee3
SHA1

a0241226d52834549f6b569b8fdce93c4f07c234
SHA256

d78fc405a74a654740ebe04fba3925c44f7c8432bb767663960ff9919023abbc
SHA512

a3e619575bf096d4a52dc3bc05445c8ee9888f167f882db5bcd647a47bca99413273b3ed4a19f572e1c760dda8c373dc90692b1effb142a8a8a119bcdf2501bf
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3a:/7BSH8zUB+nGESaaRvoB7FJNndnH

Score

8^/10

execution

Malware Config

Targets

- Target
  
  89a90d9bbe901329ea4e7a71de114ee3_JaffaCakes118
- Size
  
  184KB
- MD5
  
  89a90d9bbe901329ea4e7a71de114ee3
- SHA1
  
  a0241226d52834549f6b569b8fdce93c4f07c234
- SHA256
  
  d78fc405a74a654740ebe04fba3925c44f7c8432bb767663960ff9919023abbc
- SHA512
  
  a3e619575bf096d4a52dc3bc05445c8ee9888f167f882db5bcd647a47bca99413273b3ed4a19f572e1c760dda8c373dc90692b1effb142a8a8a119bcdf2501bf
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3a:/7BSH8zUB+nGESaaRvoB7FJNndnH
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2