Analysis Overview
SHA256: 980b7068b358d679072927e3bb56c380e857010073d7678f72e40b967d8b18cc
Threat Level: Likely malicious
The file a39b4a58a0bf1baff08922fff367fde2_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Blocklisted process makes network request
Command and Scripting Interpreter: JavaScript
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-06-13 02:58
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-06-13 02:58
Reported: 2024-06-13 03:00
Platform: win7-20240221-en
Max time kernel: 120s
Max time network: 121s
Command Line
Signatures
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Windows\System32\WScript.exe | N/A |
| N/A | N/A | C:\Windows\System32\WScript.exe | N/A |
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\System32\WScript.exe
C:\Windows\System32\WScript.exe "C:\Users\Admin\AppData\Local\Temp\___ ____ ________ ______ ___________ ______.jse"
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | nathannewman.org | udp |
| US | 75.98.175.92:80 | nathannewman.org | tcp |
| US | 8.8.8.8:53 | mapsu.org | udp |
| US | 99.192.235.57:80 | mapsu.org | tcp |
Files
Analysis: behavioral2
Detonation Overview
Submitted: 2024-06-13 02:58
Reported: 2024-06-13 03:00
Platform: win10v2004-20240508-en
Max time kernel: 51s
Max time network: 52s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\System32\WScript.exe
C:\Windows\System32\WScript.exe "C:\Users\Admin\AppData\Local\Temp\___ ____ ________ ______ ___________ ______.jse"
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | nathannewman.org | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mapsu.org | udp |