8c055e03a7f3eca8a2d437a0b9fdbcb0d32ff168be4b6ac9c74b4f7f5c94a81d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d56df440cbf50dd1a09210dcb60430e2_JaffaCakes118
Size

184KB
Sample

240909-bnr8paxcqf
MD5

d56df440cbf50dd1a09210dcb60430e2
SHA1

bb19cf5b96ed6c6a62e617b62c01968ef5f5e667
SHA256

8c055e03a7f3eca8a2d437a0b9fdbcb0d32ff168be4b6ac9c74b4f7f5c94a81d
SHA512

b0270a96fb618a21b3258ae76d32b6e1da372a6cc3630e7d3df1036e809359f915e8c59f80aadd1b3707284f721dabf5f508f72139ad8f8931906eb9d67c8ea3
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3Y:/7BSH8zUB+nGESaaRvoB7FJNndnF

Score

8^/10

discovery execution

Malware Config

Targets

- Target
  
  d56df440cbf50dd1a09210dcb60430e2_JaffaCakes118
- Size
  
  184KB
- MD5
  
  d56df440cbf50dd1a09210dcb60430e2
- SHA1
  
  bb19cf5b96ed6c6a62e617b62c01968ef5f5e667
- SHA256
  
  8c055e03a7f3eca8a2d437a0b9fdbcb0d32ff168be4b6ac9c74b4f7f5c94a81d
- SHA512
  
  b0270a96fb618a21b3258ae76d32b6e1da372a6cc3630e7d3df1036e809359f915e8c59f80aadd1b3707284f721dabf5f508f72139ad8f8931906eb9d67c8ea3
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3Y:/7BSH8zUB+nGESaaRvoB7FJNndnF
Score

8^/10

discovery execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

discoveryexecution