4c441c9397b178978fa07b47d0d5ab09f37be8cfc8d496fb2b3404578c4f3af4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9a93708bf335db507223abc5e0132bca_JaffaCakes118
Size

17KB
Sample

240610-n285kshh3s
MD5

9a93708bf335db507223abc5e0132bca
SHA1

f51ec19c86c690d79b7cdd8228f484a2cd5127c0
SHA256

4c441c9397b178978fa07b47d0d5ab09f37be8cfc8d496fb2b3404578c4f3af4
SHA512

0c22e828dbe80ad2f269128d7c30b8febcbfa8aa4f94160b29a053d513520aba361c940ccd42bf14fddd9cc9e23b254cedcbc02e7bcd2c9494eafd796704fb26
SSDEEP

384:279qsFhW30VcGbjg0281NTO3y5HEMbuoX74eWQu0lEoPk8SQN1JNoFUN6U6OXH:M9qD0ljgPy6yWMLseWSCoMFsdoFK1

Score

8^/10

execution

Malware Config

Targets

- Target
  
  9-YUB-2019-R83942.js
- Size
  
  92KB
- MD5
  
  659963d96ffae892090e98b8ffa1ff62
- SHA1
  
  0ceff08a48aad18a7494fa151f8aeecc2a4bd1fc
- SHA256
  
  783cf5eff1762ca544ba31f17f2100c4ab413aae319384039a2290a231d2cb12
- SHA512
  
  7b981944eed7766f2ea3f664471d945eb962ef898bb9d9a3b22d39d4ce72f1be2dd505028d1e632d74dde22ee44a04cad1c28d51b33c4df1d1e16098c92ca42e
- SSDEEP
  
  1536:tPa7HhgTqBUVo/dSLi5UBPq9aaMifjPb9GkSXWVJjlq7YTWFLG6HMwm/RE90qyuu:tPIHhgAUq/dSLi5U5q9aaMifjP5GkSXW
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2