11cae766f4eaed690ec3c6b94145e54c041674d6bf10ce8ec9dd6ad34b56f012 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

900c676bb97dd86b7d0152a86fddae32_JaffaCakes118
Size

11KB
Sample

240603-bfgf8aeh78
MD5

900c676bb97dd86b7d0152a86fddae32
SHA1

35f73572bd10925562ee3e2d9a514e6468414b93
SHA256

11cae766f4eaed690ec3c6b94145e54c041674d6bf10ce8ec9dd6ad34b56f012
SHA512

88822d9b271e1ac6bc23fda48d6821cf51725bda0274e8d74bf5b6ab21bfb2d9bbdf665ee2c9f506ed4f177ce32541b25245c22b65bb499feb1b07677568b86d
SSDEEP

192:4gr2uo2B0znmGunqCAuYawmJ60jnWHkBcjgU8ne839yFeAzaupEQKfZ:4OoOqBuYeJ60jWEBQgUIeW9YdNKfZ

Score

8^/10

execution

Malware Config

Targets

- Target
  
  Scan_42820878596DE_Mai_09_2019.js
- Size
  
  42KB
- MD5
  
  f498b52c97166598e564f3354c223740
- SHA1
  
  3d0dcae0e2a63796b3042c7940a48495bfbd1a88
- SHA256
  
  08324ad1663b948f09fa5c46383575683088ba414169958d1c6230ce336015ae
- SHA512
  
  d22dee79e086a323b6267e4540d2ebd7a22a7fe7733ec6d46f115b9a2100ee9d1c654d969c3362a34b684cf7e29b88e28fd89630e7c30a4bfb5b41dafa33c31d
- SSDEEP
  
  768:n1u87RUaNI9m3CpKtvkSDgkDWnCDnilnMuppCXyijVvLccIpLZn3NOv4EOmMlOAd:n1u87RUaNIGO2wXaCID8H+1unT7josbX
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2