0469cce2c49381b44b8584778af67ca112ade852e38e64114f33fcf7f244c419 | Triage

Sharing

General

Target

a8adce2bcf005d7f902ccb8badf90e4e_JaffaCakes118
Size

184KB
Sample

240614-j4hm7asakc
MD5

a8adce2bcf005d7f902ccb8badf90e4e
SHA1

638623efc1cb9a80b8032b7f5e392e519a8edf13
SHA256

0469cce2c49381b44b8584778af67ca112ade852e38e64114f33fcf7f244c419
SHA512

4ac4d8f2c4c81e5607e9612db4480f1d6943318a619ca7621f90af61018ce8edf11df8d757b6ee6ca66b317c4fda5702f40daaae131f79386e8323b826c4ca50
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3z:/7BSH8zUB+nGESaaRvoB7FJNndn6

Score

8^/10

execution

Malware Config

Targets

- Target
  
  a8adce2bcf005d7f902ccb8badf90e4e_JaffaCakes118
- Size
  
  184KB
- MD5
  
  a8adce2bcf005d7f902ccb8badf90e4e
- SHA1
  
  638623efc1cb9a80b8032b7f5e392e519a8edf13
- SHA256
  
  0469cce2c49381b44b8584778af67ca112ade852e38e64114f33fcf7f244c419
- SHA512
  
  4ac4d8f2c4c81e5607e9612db4480f1d6943318a619ca7621f90af61018ce8edf11df8d757b6ee6ca66b317c4fda5702f40daaae131f79386e8323b826c4ca50
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3z:/7BSH8zUB+nGESaaRvoB7FJNndn6
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2