295e4329e3ce9ad58c9b307852fc3f31cfa364693ff44670ac111d6d77cfa3b4 | Triage

Sharing

General

Target

43b1e5719120f6653047f901eed24e26_JaffaCakes118
Size

184KB
Sample

241014-xkm1fs1bjh
MD5

43b1e5719120f6653047f901eed24e26
SHA1

798ff72c18d5128a7bc2e38dc258c1f91cc7ca2a
SHA256

295e4329e3ce9ad58c9b307852fc3f31cfa364693ff44670ac111d6d77cfa3b4
SHA512

93434cec99c0b15861bd5859c5ab444d73d314dd9057a985f3611e8d0932b89442d47cad35287c29d85f2c531c188ff65bb457783233b392ff399f4f573011d0
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3k:/7BSH8zUB+nGESaaRvoB7FJNndnV

Score

8^/10

discovery execution

Malware Config

Targets

- Target
  
  43b1e5719120f6653047f901eed24e26_JaffaCakes118
- Size
  
  184KB
- MD5
  
  43b1e5719120f6653047f901eed24e26
- SHA1
  
  798ff72c18d5128a7bc2e38dc258c1f91cc7ca2a
- SHA256
  
  295e4329e3ce9ad58c9b307852fc3f31cfa364693ff44670ac111d6d77cfa3b4
- SHA512
  
  93434cec99c0b15861bd5859c5ab444d73d314dd9057a985f3611e8d0932b89442d47cad35287c29d85f2c531c188ff65bb457783233b392ff399f4f573011d0
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3k:/7BSH8zUB+nGESaaRvoB7FJNndnV
Score

8^/10

discovery execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

discoveryexecution