1ff072af27c34200684acbb3168ea0526caed260047589194afa52a46cdda0d5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a95a08d1decc6ec609f4f1b9d26005de_JaffaCakes118
Size

184KB
Sample

240614-m779ssxhna
MD5

a95a08d1decc6ec609f4f1b9d26005de
SHA1

dccd7c9ac2280bc477f0f51cea22c2504231d515
SHA256

1ff072af27c34200684acbb3168ea0526caed260047589194afa52a46cdda0d5
SHA512

980c57f5b7dc67b18df7e3a3774951017dbda86a564092dd423162e6304f5993cb2e42739f1d6f861bd0c02040a968f774a6d3391fccff022a4e4928f4531282
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3p:/7BSH8zUB+nGESaaRvoB7FJNndnw

Score

8^/10

execution

Malware Config

Targets

- Target
  
  a95a08d1decc6ec609f4f1b9d26005de_JaffaCakes118
- Size
  
  184KB
- MD5
  
  a95a08d1decc6ec609f4f1b9d26005de
- SHA1
  
  dccd7c9ac2280bc477f0f51cea22c2504231d515
- SHA256
  
  1ff072af27c34200684acbb3168ea0526caed260047589194afa52a46cdda0d5
- SHA512
  
  980c57f5b7dc67b18df7e3a3774951017dbda86a564092dd423162e6304f5993cb2e42739f1d6f861bd0c02040a968f774a6d3391fccff022a4e4928f4531282
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3p:/7BSH8zUB+nGESaaRvoB7FJNndnw
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2