48a4fe48a0ec092db99da8f17d41b3ebfe54859fc7282f9b1a166125d5441da3 | Triage

Sharing

General

Target

a0015f8b257ddba788410c463d362a36_JaffaCakes118
Size

184KB
Sample

240612-j7xarawaqj
MD5

a0015f8b257ddba788410c463d362a36
SHA1

a76c29c0709f0750b7c1d31710a44756b018a779
SHA256

48a4fe48a0ec092db99da8f17d41b3ebfe54859fc7282f9b1a166125d5441da3
SHA512

2ce22b6d41cd7d93a347e7adcd53fee241b4148890387da43a2a9495b127719c5d99dea495f6ac46621d0692ee93967fecd1ec49b0a5f6c1e1179439d710135a
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3V:/7BSH8zUB+nGESaaRvoB7FJNndn0

Score

8^/10

execution

Malware Config

Targets

- Target
  
  a0015f8b257ddba788410c463d362a36_JaffaCakes118
- Size
  
  184KB
- MD5
  
  a0015f8b257ddba788410c463d362a36
- SHA1
  
  a76c29c0709f0750b7c1d31710a44756b018a779
- SHA256
  
  48a4fe48a0ec092db99da8f17d41b3ebfe54859fc7282f9b1a166125d5441da3
- SHA512
  
  2ce22b6d41cd7d93a347e7adcd53fee241b4148890387da43a2a9495b127719c5d99dea495f6ac46621d0692ee93967fecd1ec49b0a5f6c1e1179439d710135a
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3V:/7BSH8zUB+nGESaaRvoB7FJNndn0
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2