569413d82fbb3fdcec77ee18ab84665ee5f8cdb765a8d06c248e83895e1acf6c | Triage

Sharing

General

Target

d18848d82cd22f919914e8354e2247a5_JaffaCakes118
Size

8KB
Sample

240907-knhhxsvhne
MD5

d18848d82cd22f919914e8354e2247a5
SHA1

763ea312cfc8471cc5b9fae931f528c722095ff5
SHA256

569413d82fbb3fdcec77ee18ab84665ee5f8cdb765a8d06c248e83895e1acf6c
SHA512

cf678e0a61afdef7a905039b67886e3b2f965f63e4adf8cfb01e6523b735bac3bce540f2401e5f59e907c1bf0d1f7c85c185e3f5e1f99bdecc49123f471a226e
SSDEEP

192:ZZl+tg2BMgy/6ofp8JidWjPUlZBgFErtfzSbBFi6R:cvBr7ofp8XjMLBgFw1ebXiQ

Score

8^/10

execution

Malware Config

Targets

- Target
  
  42761913641-May_01_2019.js
- Size
  
  39KB
- MD5
  
  894aa32cbc169bc55f76dbc745a8a409
- SHA1
  
  fa68cd456d468c0b5f501148107f0dcf726da043
- SHA256
  
  b0840f0a422e5b418f84a7e2a15d30bdec48404257a8b7bd95a36ee7d6806feb
- SHA512
  
  8e207d21917f818985d5467f029f87624fe2168d5b42cf64cbb2b1a497b957061014be720a5c00a57b918f1161f79784578f121412639d348ff54d3a8e0e3005
- SSDEEP
  
  768:tvvuVEOojy4VaOvblKaOMvRQnRUm0eRbE4YTtWsVuNfeqro6OAFhUaEcd9pruwIv:tvIEOoj9VDvxKaOMqnR+nKGb7+liO3te
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2