7cce13c40faccfe208b7e081b4a9cd721d64eacb7b9ad3b2d57b110523fb08fa | Triage

Sharing

General

Target

4569cf9c0cf9bd31c85d02c1f0daf67e_JaffaCakes118
Size

184KB
Sample

241015-c4kzzszfja
MD5

4569cf9c0cf9bd31c85d02c1f0daf67e
SHA1

7c0a80635dc6453946fa53b228d27930af5fe16d
SHA256

7cce13c40faccfe208b7e081b4a9cd721d64eacb7b9ad3b2d57b110523fb08fa
SHA512

e7dd77b17cfeeea45e7adf1dcc3aaa74548a5428713ab4c721b7240181114598a9ddc561cd664deeab35a13652149e414b1d05ebdd6c3d2cddc9b93baf647e64
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3J:/7BSH8zUB+nGESaaRvoB7FJNndnc

Score

8^/10

discovery execution

Malware Config

Targets

- Target
  
  4569cf9c0cf9bd31c85d02c1f0daf67e_JaffaCakes118
- Size
  
  184KB
- MD5
  
  4569cf9c0cf9bd31c85d02c1f0daf67e
- SHA1
  
  7c0a80635dc6453946fa53b228d27930af5fe16d
- SHA256
  
  7cce13c40faccfe208b7e081b4a9cd721d64eacb7b9ad3b2d57b110523fb08fa
- SHA512
  
  e7dd77b17cfeeea45e7adf1dcc3aaa74548a5428713ab4c721b7240181114598a9ddc561cd664deeab35a13652149e414b1d05ebdd6c3d2cddc9b93baf647e64
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3J:/7BSH8zUB+nGESaaRvoB7FJNndnc
Score

8^/10

discovery execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

discoveryexecution