a6889f381c7b9987822b77e10ef45f46a627b1e8d88985fffa14f3c40e71360d | Triage

Sharing

General

Target

e05549905893453a1136032f943ade8a_JaffaCakes118
Size

2KB
Sample

240914-ra9htaxcqr
MD5

e05549905893453a1136032f943ade8a
SHA1

945d602c4f1755fced13bac2b3dcb83d208db9e7
SHA256

a6889f381c7b9987822b77e10ef45f46a627b1e8d88985fffa14f3c40e71360d
SHA512

70c8289723b910a5537e952958d954f3263645a69a28dbe89abe3ce92347bcef6d41fbd0a09fc4032ba74836ea85653082d6951d0d411b1374d34a3481ede78f

Score

8^/10

execution

Malware Config

Targets

- Target
  
  2019_03_2877003539153___9805356413319074.js
- Size
  
  5KB
- MD5
  
  ce4094644909bb5af2425a37492572c4
- SHA1
  
  e49b29ef0870d3b47da3b8c5cf633f5d939e631c
- SHA256
  
  ea83f37ea40704a8cc7d9c1b63fd0b3bf7d15d9bb17c13dccfb91d64e48f33b8
- SHA512
  
  10606ee66158ad3adca3451d9f5429bf36e00d2f258d2de5474bf36bc911d1de7c7334a1af0f08aa8114dd775e936bb443580590e0c1b2012ada014fcc69d000
- SSDEEP
  
  96:k/zB/Ssp3FcKlNmAEbBZ3a/WKFkDYJ6xTXFyn3+LpOlMmBrE2lKlIav7b/VqfqwJ:WKs7/mAEbBZYWKFkDty3gpqlE2lKlIaW
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2