f640400efee35c944b48471cdcb1de8055534550d753c400ea4c68001cb26a50 | Triage

Sharing

General

Target

6feb3b5f4675a71ed3ce26ad036eb6bf_JaffaCakes118
Size

184KB
Sample

241023-vcz9pszhpf
MD5

6feb3b5f4675a71ed3ce26ad036eb6bf
SHA1

e8746d8d4705fe8e67a25d4bd92b92e6e50a48d1
SHA256

f640400efee35c944b48471cdcb1de8055534550d753c400ea4c68001cb26a50
SHA512

ec27674392a9f1ee0b2ffb6fbba37e18b25a54640546d7366262784e6a4cdbf516dba0eecc96df5527bfe3464af751882b2960a6178e87e8374b09d5586d1d72
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3T:/7BSH8zUB+nGESaaRvoB7FJNndnG

Score

8^/10

discovery execution

Malware Config

Targets

- Target
  
  6feb3b5f4675a71ed3ce26ad036eb6bf_JaffaCakes118
- Size
  
  184KB
- MD5
  
  6feb3b5f4675a71ed3ce26ad036eb6bf
- SHA1
  
  e8746d8d4705fe8e67a25d4bd92b92e6e50a48d1
- SHA256
  
  f640400efee35c944b48471cdcb1de8055534550d753c400ea4c68001cb26a50
- SHA512
  
  ec27674392a9f1ee0b2ffb6fbba37e18b25a54640546d7366262784e6a4cdbf516dba0eecc96df5527bfe3464af751882b2960a6178e87e8374b09d5586d1d72
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3T:/7BSH8zUB+nGESaaRvoB7FJNndnG
Score

8^/10

discovery execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

discoveryexecution