1575aef9498b17365cfd11088dd585b4a14b056b7c43abc6a5c83389fd87e572 | Triage

Sharing

General

Target

3f5936f8c4c1416eb39b4c3f5335c20c_JaffaCakes118
Size

184KB
Sample

241013-mkzn5ssanb
MD5

3f5936f8c4c1416eb39b4c3f5335c20c
SHA1

3f82a1f53548fdddfa6aa54862f37fb3bab0c1ea
SHA256

1575aef9498b17365cfd11088dd585b4a14b056b7c43abc6a5c83389fd87e572
SHA512

ad0725153fa1c232640e62734e5b72454053a282378a0777d9e233b5b25104fabdbfbdbdac28385a0ed12e64d5c7d4d7288c034492a160c24ae5c69927990110
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3L:/7BSH8zUB+nGESaaRvoB7FJNndnS

Score

8^/10

discovery execution

Malware Config

Targets

- Target
  
  3f5936f8c4c1416eb39b4c3f5335c20c_JaffaCakes118
- Size
  
  184KB
- MD5
  
  3f5936f8c4c1416eb39b4c3f5335c20c
- SHA1
  
  3f82a1f53548fdddfa6aa54862f37fb3bab0c1ea
- SHA256
  
  1575aef9498b17365cfd11088dd585b4a14b056b7c43abc6a5c83389fd87e572
- SHA512
  
  ad0725153fa1c232640e62734e5b72454053a282378a0777d9e233b5b25104fabdbfbdbdac28385a0ed12e64d5c7d4d7288c034492a160c24ae5c69927990110
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3L:/7BSH8zUB+nGESaaRvoB7FJNndnS
Score

8^/10

discovery execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

discoveryexecution