60a34b932b8d6dfbd8f69853862a25c395eb8e0541a90aee88ac60724fd5a3db | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f332a1fc94ab197265e72316830f9c8_JaffaCakes118
Size

2KB
Sample

240502-318jzsbh53
MD5

0f332a1fc94ab197265e72316830f9c8
SHA1

c03695ae826a6e0763e98bdbb33a2cfbec7cadc4
SHA256

60a34b932b8d6dfbd8f69853862a25c395eb8e0541a90aee88ac60724fd5a3db
SHA512

b6a5b083e803b7f8ff3df82748f60452cea157b052a41a0ffcc49c9866e718c7f085cef1257f44173aeaf186016378b73df337d85334a843076f55665a0f2fb2

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

http://checkerrors.ug./payload.ps1

Targets

- Target
  
  0f332a1fc94ab197265e72316830f9c8_JaffaCakes118
- Size
  
  2KB
- MD5
  
  0f332a1fc94ab197265e72316830f9c8
- SHA1
  
  c03695ae826a6e0763e98bdbb33a2cfbec7cadc4
- SHA256
  
  60a34b932b8d6dfbd8f69853862a25c395eb8e0541a90aee88ac60724fd5a3db
- SHA512
  
  b6a5b083e803b7f8ff3df82748f60452cea157b052a41a0ffcc49c9866e718c7f085cef1257f44173aeaf186016378b73df337d85334a843076f55665a0f2fb2
Score

10^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2