6e62836df0e98eab2e94e48aa6c4536417656edac11df5a857b05ce400603dc3 | Triage

Sharing

General

Target

3e9dc8fbdc1982294d3072e659ab3a09_JaffaCakes118
Size

184KB
Sample

241013-jj6jhsvhqf
MD5

3e9dc8fbdc1982294d3072e659ab3a09
SHA1

5ee06aabb71bfd63fd481da6f6e6e238e90daf2f
SHA256

6e62836df0e98eab2e94e48aa6c4536417656edac11df5a857b05ce400603dc3
SHA512

84c0ac340014d4fe5ffabc3f5454570d05fd03496bdb7a3bfe8591c3b636ed34ef13a43e98d01a52be26d57c43e0960f6054947b3cfe6373cb71287e30e5c29b
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3T:/7BSH8zUB+nGESaaRvoB7FJNndne

Score

8^/10

discovery execution

Malware Config

Targets

- Target
  
  3e9dc8fbdc1982294d3072e659ab3a09_JaffaCakes118
- Size
  
  184KB
- MD5
  
  3e9dc8fbdc1982294d3072e659ab3a09
- SHA1
  
  5ee06aabb71bfd63fd481da6f6e6e238e90daf2f
- SHA256
  
  6e62836df0e98eab2e94e48aa6c4536417656edac11df5a857b05ce400603dc3
- SHA512
  
  84c0ac340014d4fe5ffabc3f5454570d05fd03496bdb7a3bfe8591c3b636ed34ef13a43e98d01a52be26d57c43e0960f6054947b3cfe6373cb71287e30e5c29b
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3T:/7BSH8zUB+nGESaaRvoB7FJNndne
Score

8^/10

discovery execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

discoveryexecution