83d8c327e238ee626c91c5a8c7367397b7a9a1d67efc2ead6cfd5b99c38fe40b | Triage

Sharing

General

Target

98e5efeeb4ce2069026f6c48b086a831_JaffaCakes118
Size

184KB
Sample

240605-wyhr8afa25
MD5

98e5efeeb4ce2069026f6c48b086a831
SHA1

36694cf29b7163eeccfefaf9a8df83239c249395
SHA256

83d8c327e238ee626c91c5a8c7367397b7a9a1d67efc2ead6cfd5b99c38fe40b
SHA512

991fd0f42485b6a43bd8de7eba0d1735915c7134f60b20ab9247a7b604d424e0a30fb3884cfc904284419f6f255c11cc264f13c2ddf725e23bf682cd2b1c3a4b
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3Z:/7BSH8zUB+nGESaaRvoB7FJNndn4

Score

8^/10

execution

Malware Config

Targets

- Target
  
  98e5efeeb4ce2069026f6c48b086a831_JaffaCakes118
- Size
  
  184KB
- MD5
  
  98e5efeeb4ce2069026f6c48b086a831
- SHA1
  
  36694cf29b7163eeccfefaf9a8df83239c249395
- SHA256
  
  83d8c327e238ee626c91c5a8c7367397b7a9a1d67efc2ead6cfd5b99c38fe40b
- SHA512
  
  991fd0f42485b6a43bd8de7eba0d1735915c7134f60b20ab9247a7b604d424e0a30fb3884cfc904284419f6f255c11cc264f13c2ddf725e23bf682cd2b1c3a4b
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3Z:/7BSH8zUB+nGESaaRvoB7FJNndn4
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2