1b847caaf38348409a73720a12b873672ee5cc1be743cb62fa9f4097b6ff69fc | Triage

Sharing

General

Target

434128856ff38548fe68606a28ac1d1e_JaffaCakes118
Size

2KB
Sample

240514-1ze5yaae81
MD5

434128856ff38548fe68606a28ac1d1e
SHA1

f5c7212d1823a383e3f0872c199c75d958816538
SHA256

1b847caaf38348409a73720a12b873672ee5cc1be743cb62fa9f4097b6ff69fc
SHA512

71c8b0fd6917c5ae7cd33efd493b7d77c8fade356321b2909619cd1aee696d401a0403352184b5448d12a2d2a8a3a3ec1ace38434251988e21b8447312f9f6b2

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://sepogy.epiain.com/v2/gl.php?aHR0cHM6Ly9zZXBvZ3kuZXBpYWluLmNvbS92Mnx4b3Vn%

Targets

- Target
  
  434128856ff38548fe68606a28ac1d1e_JaffaCakes118
- Size
  
  2KB
- MD5
  
  434128856ff38548fe68606a28ac1d1e
- SHA1
  
  f5c7212d1823a383e3f0872c199c75d958816538
- SHA256
  
  1b847caaf38348409a73720a12b873672ee5cc1be743cb62fa9f4097b6ff69fc
- SHA512
  
  71c8b0fd6917c5ae7cd33efd493b7d77c8fade356321b2909619cd1aee696d401a0403352184b5448d12a2d2a8a3a3ec1ace38434251988e21b8447312f9f6b2
Score

10^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2