62667e687cacb133be1e110957a47e67497d30e7dad8f37d485e3d4f6f2d0ecd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d4caee73693b3e49f00a0e8cda542db_JaffaCakes118
Size

184KB
Sample

240602-h71shafd75
MD5

8d4caee73693b3e49f00a0e8cda542db
SHA1

4969280aa6e27d0eb40715664d8dbc2c9d53bca4
SHA256

62667e687cacb133be1e110957a47e67497d30e7dad8f37d485e3d4f6f2d0ecd
SHA512

69b23cee772aafb323e62668c4a4b76f675300b7b24d9a803504412315b44c3949a9b9d956f7b0e02ac0aaf2c5504641a207f0b1aced8cd990a338cdc3130212
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3S:/7BSH8zUB+nGESaaRvoB7FJNndnH

Score

8^/10

execution

Malware Config

Targets

- Target
  
  8d4caee73693b3e49f00a0e8cda542db_JaffaCakes118
- Size
  
  184KB
- MD5
  
  8d4caee73693b3e49f00a0e8cda542db
- SHA1
  
  4969280aa6e27d0eb40715664d8dbc2c9d53bca4
- SHA256
  
  62667e687cacb133be1e110957a47e67497d30e7dad8f37d485e3d4f6f2d0ecd
- SHA512
  
  69b23cee772aafb323e62668c4a4b76f675300b7b24d9a803504412315b44c3949a9b9d956f7b0e02ac0aaf2c5504641a207f0b1aced8cd990a338cdc3130212
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3S:/7BSH8zUB+nGESaaRvoB7FJNndnH
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2