19ce607fdaa08c054eb62794ca812ba81ff3684b6b278f3f30b68219db3df2d0 | Triage

Sharing

General

Target

dbc15efc4066c6b8ab27b3014e6dd2ad_JaffaCakes118
Size

184KB
Sample

240912-ecg55azdlg
MD5

dbc15efc4066c6b8ab27b3014e6dd2ad
SHA1

a2e358f0e180f175c5ef66380448137d71a0d879
SHA256

19ce607fdaa08c054eb62794ca812ba81ff3684b6b278f3f30b68219db3df2d0
SHA512

a7d73f4f4b7602c38859a7dfa6d8223259fd7b705f089a061bdcfac37996539bc34e6748639ae8c9a53c6cfc189d3ef8c86826bb0ce90bda5d188a522367feff
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO32d:/7BSH8zUB+nGESaaRvoB7FJNndnHd

Score

8^/10

discovery execution

Malware Config

Targets

- Target
  
  dbc15efc4066c6b8ab27b3014e6dd2ad_JaffaCakes118
- Size
  
  184KB
- MD5
  
  dbc15efc4066c6b8ab27b3014e6dd2ad
- SHA1
  
  a2e358f0e180f175c5ef66380448137d71a0d879
- SHA256
  
  19ce607fdaa08c054eb62794ca812ba81ff3684b6b278f3f30b68219db3df2d0
- SHA512
  
  a7d73f4f4b7602c38859a7dfa6d8223259fd7b705f089a061bdcfac37996539bc34e6748639ae8c9a53c6cfc189d3ef8c86826bb0ce90bda5d188a522367feff
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO32d:/7BSH8zUB+nGESaaRvoB7FJNndnHd
Score

8^/10

discovery execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

discoveryexecution