e8c7146c1c477cfacd432af5ba7952073c73cf4d627d2392678917cefdfe6a27 | Triage

Sharing

General

Target

ad885e38698fec8c29afc22cc3176e12_JaffaCakes118
Size

184KB
Sample

240615-kcjlvatfma
MD5

ad885e38698fec8c29afc22cc3176e12
SHA1

8c471b848ce7278d625e81ee6463fda90f11f2f9
SHA256

e8c7146c1c477cfacd432af5ba7952073c73cf4d627d2392678917cefdfe6a27
SHA512

5564db65945e0387faf856c7d90b2bd056098242b4a6f0b7890e9e4d7580be5010f38665f767e1bf5056e40b06d2ab9aab9e13fbe370ac474e38d4aeb86753ee
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO30:/7BSH8zUB+nGESaaRvoB7FJNndnx

Score

8^/10

execution

Malware Config

Targets

- Target
  
  ad885e38698fec8c29afc22cc3176e12_JaffaCakes118
- Size
  
  184KB
- MD5
  
  ad885e38698fec8c29afc22cc3176e12
- SHA1
  
  8c471b848ce7278d625e81ee6463fda90f11f2f9
- SHA256
  
  e8c7146c1c477cfacd432af5ba7952073c73cf4d627d2392678917cefdfe6a27
- SHA512
  
  5564db65945e0387faf856c7d90b2bd056098242b4a6f0b7890e9e4d7580be5010f38665f767e1bf5056e40b06d2ab9aab9e13fbe370ac474e38d4aeb86753ee
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO30:/7BSH8zUB+nGESaaRvoB7FJNndnx
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2