General

  • Target

    694aa900342d5034dae5fa2f827b9b17_JaffaCakes118

  • Size

    29KB

  • Sample

    240523-bwvzjsgf5w

  • MD5

    694aa900342d5034dae5fa2f827b9b17

  • SHA1

    4835871e45c19629e538de18859e14457a0f6b8e

  • SHA256

    3cef3dbe12c989dd856b06159a3ac80500e6606019a54befffbb679d3d0e0fa6

  • SHA512

    1ab13e034f7e940e8bcd6bc2b20553ac1fd6dc4df5dc9be3d274f7f27e67f8486f65c287583b5756306cf5cad7ede7018580ac1d787dd4506c3c95ea2aa786ee

  • SSDEEP

    768:v6s+l8vBYhSkm+722TdjI8MdlUXjz3m2+JTuA5gYTA0D/4MLI9nf+r:Cs+l8yJm+72LflWOgKZl

Score
10/10

Malware Config

Extracted

  • Language

    ps1 (deobfuscated)

  • URLs

    exe.dropper

    http://members.giftera.org/cVNbVdYMuS.php

Targets

    • Target

      694aa900342d5034dae5fa2f827b9b17_JaffaCakes118

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell and hides the display window.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15