b16a06349d7c7cb4072c33721d1b68eaee69ae957d677c1c08a117f07e3d8f82 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae74b911e808d13106349a707a808afd_JaffaCakes118
Size

184KB
Sample

240615-pse1ta1arb
MD5

ae74b911e808d13106349a707a808afd
SHA1

d5ce44e07add9563b1f8de5106d9f672316e785f
SHA256

b16a06349d7c7cb4072c33721d1b68eaee69ae957d677c1c08a117f07e3d8f82
SHA512

367958a7644b914367c3ac50e265b0700d437e9f6d1378831727e95fc01e439aa176297f5edee664b9461805747750c62d386c612559542f5509e463bf0b04dd
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3n:/7BSH8zUB+nGESaaRvoB7FJNndnG

Score

8^/10

execution

Malware Config

Targets

- Target
  
  ae74b911e808d13106349a707a808afd_JaffaCakes118
- Size
  
  184KB
- MD5
  
  ae74b911e808d13106349a707a808afd
- SHA1
  
  d5ce44e07add9563b1f8de5106d9f672316e785f
- SHA256
  
  b16a06349d7c7cb4072c33721d1b68eaee69ae957d677c1c08a117f07e3d8f82
- SHA512
  
  367958a7644b914367c3ac50e265b0700d437e9f6d1378831727e95fc01e439aa176297f5edee664b9461805747750c62d386c612559542f5509e463bf0b04dd
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3n:/7BSH8zUB+nGESaaRvoB7FJNndnG
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2