878b58285da52aac6d5e9364771034997f85d71ee2840e36805bfdfb1fa6d3fe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

078f742c471a846a2f44df04fcd9401f_JaffaCakes118
Size

184KB
Sample

241001-1qkdaswbrg
MD5

078f742c471a846a2f44df04fcd9401f
SHA1

fef13b9762aa17503c14ab68170c9a1be45ea0f5
SHA256

878b58285da52aac6d5e9364771034997f85d71ee2840e36805bfdfb1fa6d3fe
SHA512

37073cff5084751a05642a928a286216d174d187587f3edfd3941a910dfe0326180f0bcd7f4ac88e15bcec28b4887f8d2f2922c3f294123f0802f682589e95a0
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3N:/7BSH8zUB+nGESaaRvoB7FJNndnU

Score

8^/10

discovery execution

Malware Config

Targets

- Target
  
  078f742c471a846a2f44df04fcd9401f_JaffaCakes118
- Size
  
  184KB
- MD5
  
  078f742c471a846a2f44df04fcd9401f
- SHA1
  
  fef13b9762aa17503c14ab68170c9a1be45ea0f5
- SHA256
  
  878b58285da52aac6d5e9364771034997f85d71ee2840e36805bfdfb1fa6d3fe
- SHA512
  
  37073cff5084751a05642a928a286216d174d187587f3edfd3941a910dfe0326180f0bcd7f4ac88e15bcec28b4887f8d2f2922c3f294123f0802f682589e95a0
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3N:/7BSH8zUB+nGESaaRvoB7FJNndnU
Score

8^/10

discovery execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

discoveryexecution