f81fdc905f86865db25e1016826782065425c45f8d9c692624ed414a44772eae | Triage

Sharing

General

Target

aef673cc5c30b661770b92f7ba5ecedb_JaffaCakes118
Size

184KB
Sample

240615-r87f4sybqq
MD5

aef673cc5c30b661770b92f7ba5ecedb
SHA1

f62acf90258cfc0056661368013a32bd6f3f9fe5
SHA256

f81fdc905f86865db25e1016826782065425c45f8d9c692624ed414a44772eae
SHA512

964a2cd73123f591e020bc930c7eef516e1d34f67fd312a8ecb4cbeaa6c3a7a601fad51fd5058f471449db47eae6bb4cd5a3c6bc24559239d64b8da7afe4b1a3
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3N:/7BSH8zUB+nGESaaRvoB7FJNndng

Score

8^/10

execution

Malware Config

Targets

- Target
  
  aef673cc5c30b661770b92f7ba5ecedb_JaffaCakes118
- Size
  
  184KB
- MD5
  
  aef673cc5c30b661770b92f7ba5ecedb
- SHA1
  
  f62acf90258cfc0056661368013a32bd6f3f9fe5
- SHA256
  
  f81fdc905f86865db25e1016826782065425c45f8d9c692624ed414a44772eae
- SHA512
  
  964a2cd73123f591e020bc930c7eef516e1d34f67fd312a8ecb4cbeaa6c3a7a601fad51fd5058f471449db47eae6bb4cd5a3c6bc24559239d64b8da7afe4b1a3
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3N:/7BSH8zUB+nGESaaRvoB7FJNndng
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2