a94334305aef9a593bd192f2a0b3b0279c5a16d77578e9a331f3f22a9c414a4c | Triage

Sharing

General

Target

fd07f5f7835326e32458095da5abd1a6_JaffaCakes118
Size

184KB
Sample

240928-yl922swglc
MD5

fd07f5f7835326e32458095da5abd1a6
SHA1

d5182ed8a648626c685fd4cfa9c6a40f8d8fb1bd
SHA256

a94334305aef9a593bd192f2a0b3b0279c5a16d77578e9a331f3f22a9c414a4c
SHA512

591323715a5b0bae7d276b8faad86bb7118e0a6520af788035079dda9e3cf013b86ffe5305f251fcc34f3a4bacb9cc3157a35836580f046e0600747fe3082eb1
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3Wi:/7BSH8zUB+nGESaaRvoB7FJNndnPi

Score

8^/10

discovery execution

Malware Config

Targets

- Target
  
  fd07f5f7835326e32458095da5abd1a6_JaffaCakes118
- Size
  
  184KB
- MD5
  
  fd07f5f7835326e32458095da5abd1a6
- SHA1
  
  d5182ed8a648626c685fd4cfa9c6a40f8d8fb1bd
- SHA256
  
  a94334305aef9a593bd192f2a0b3b0279c5a16d77578e9a331f3f22a9c414a4c
- SHA512
  
  591323715a5b0bae7d276b8faad86bb7118e0a6520af788035079dda9e3cf013b86ffe5305f251fcc34f3a4bacb9cc3157a35836580f046e0600747fe3082eb1
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3Wi:/7BSH8zUB+nGESaaRvoB7FJNndnPi
Score

8^/10

discovery execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

discoveryexecution