057704cd5426051d837ea6ec586c3fe237c65c27ada23c77ead9ae47de3e0a36 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a74e6cb21c7689d5c6da6c393bf9a7d7_JaffaCakes118
Size

184KB
Sample

240614-arjkaaxelg
MD5

a74e6cb21c7689d5c6da6c393bf9a7d7
SHA1

11fcab5967177fde62c4427f4a0e416a397ef9eb
SHA256

057704cd5426051d837ea6ec586c3fe237c65c27ada23c77ead9ae47de3e0a36
SHA512

56b19314f0e278d2820ad32fce80193ce62a0861d6d1be23be2f0b3ac1984ab467e239f865e59a3693636ba272d9a6ac02525b3cb0d956fc52a993075ea156de
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3e:/7BSH8zUB+nGESaaRvoB7FJNndnr

Score

8^/10

execution

Malware Config

Targets

- Target
  
  a74e6cb21c7689d5c6da6c393bf9a7d7_JaffaCakes118
- Size
  
  184KB
- MD5
  
  a74e6cb21c7689d5c6da6c393bf9a7d7
- SHA1
  
  11fcab5967177fde62c4427f4a0e416a397ef9eb
- SHA256
  
  057704cd5426051d837ea6ec586c3fe237c65c27ada23c77ead9ae47de3e0a36
- SHA512
  
  56b19314f0e278d2820ad32fce80193ce62a0861d6d1be23be2f0b3ac1984ab467e239f865e59a3693636ba272d9a6ac02525b3cb0d956fc52a993075ea156de
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3e:/7BSH8zUB+nGESaaRvoB7FJNndnr
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2