f4ad5f3733842846c316d6ad3e5047e69a4a60e61f76290f167a66fbc1964930 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dff4571b3987dfee201924398c3b7469_JaffaCakes118
Size

184KB
Sample

240914-lx2tlaxhnr
MD5

dff4571b3987dfee201924398c3b7469
SHA1

d7e03dfe52880e1532d3c84aa71f6784d50481f9
SHA256

f4ad5f3733842846c316d6ad3e5047e69a4a60e61f76290f167a66fbc1964930
SHA512

483526f56b9575a49f60ee38de049bb2da5d3bb91cc39894b73957e2a7e2f55c87fef97e3e84baf02cda8446aaf0ef948d5ac9acf5faadd3440c3e61b52ab011
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3U:/7BSH8zUB+nGESaaRvoB7FJNndnt

Score

8^/10

discovery execution

Malware Config

Targets

- Target
  
  dff4571b3987dfee201924398c3b7469_JaffaCakes118
- Size
  
  184KB
- MD5
  
  dff4571b3987dfee201924398c3b7469
- SHA1
  
  d7e03dfe52880e1532d3c84aa71f6784d50481f9
- SHA256
  
  f4ad5f3733842846c316d6ad3e5047e69a4a60e61f76290f167a66fbc1964930
- SHA512
  
  483526f56b9575a49f60ee38de049bb2da5d3bb91cc39894b73957e2a7e2f55c87fef97e3e84baf02cda8446aaf0ef948d5ac9acf5faadd3440c3e61b52ab011
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3U:/7BSH8zUB+nGESaaRvoB7FJNndnt
Score

8^/10

discovery execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

discoveryexecution