6b9446fe8c52f278c5995c5e4e48b4c892f4c3771f1d444ceef81a2e6a77ae30 | Triage

Sharing

General

Target

fc52a1e3f1e1c7c0b6005bcea6d45c46_JaffaCakes118
Size

184KB
Sample

240928-pw76rsyfqe
MD5

fc52a1e3f1e1c7c0b6005bcea6d45c46
SHA1

8f1d5109224a2cdd87c7ef8336fb074afedfe080
SHA256

6b9446fe8c52f278c5995c5e4e48b4c892f4c3771f1d444ceef81a2e6a77ae30
SHA512

143a9e95c81c1599dc69fb0f74ba778f4651b71a9a4efa24a979f1f93deb2255b5e0235e72dd2046be1b54524794d234429659af5e9e315173aca3818b2a972b
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3M:/7BSH8zUB+nGESaaRvoB7FJNndnR

Score

8^/10

discovery execution

Malware Config

Targets

- Target
  
  fc52a1e3f1e1c7c0b6005bcea6d45c46_JaffaCakes118
- Size
  
  184KB
- MD5
  
  fc52a1e3f1e1c7c0b6005bcea6d45c46
- SHA1
  
  8f1d5109224a2cdd87c7ef8336fb074afedfe080
- SHA256
  
  6b9446fe8c52f278c5995c5e4e48b4c892f4c3771f1d444ceef81a2e6a77ae30
- SHA512
  
  143a9e95c81c1599dc69fb0f74ba778f4651b71a9a4efa24a979f1f93deb2255b5e0235e72dd2046be1b54524794d234429659af5e9e315173aca3818b2a972b
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3M:/7BSH8zUB+nGESaaRvoB7FJNndnR
Score

8^/10

discovery execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

discoveryexecution