bbf3837e28180736b933c91cca6892e1cd1e926c5c7f2dc4bd6a5ce2bd1a5bfc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

69a86ec75e20d552d8963a36a3acfda9_JaffaCakes118
Size

1KB
Sample

240523-ejd22sdb3y
MD5

69a86ec75e20d552d8963a36a3acfda9
SHA1

f343478ea81d8193006e6974f1a3a0cfcf373140
SHA256

bbf3837e28180736b933c91cca6892e1cd1e926c5c7f2dc4bd6a5ce2bd1a5bfc
SHA512

9ccdde87329047073ea880ab5cb1fc62686ac71873ae0fd10369dde328fc8e8acd7e928d8bd04fb6011ddae728915ea0033ba18c899deac04b2c156cea79ec5b

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

http://nocs.com.br/wp-content/themes/cake/md2.php

Targets

- Target
  
  Gera Extrato/Gera Extrato 938457897.lnk
- Size
  
  3KB
- MD5
  
  99cc62babfa2cb803dbbef0faa08e5f4
- SHA1
  
  0c1bf49fd2b5c6f1f2901bf4fbf07e2df460b36f
- SHA256
  
  ea63f54224eecebb57d935987b0a9f329f3fc3796e0bf2e3470db3609d6aa165
- SHA512
  
  4a3e73d161a9c7f7fc8e25884afdd72ddfffeaa585fc4cef87465b654dd32772db2223441736f62d88e15d2164660cfeb83ee837c4b871ced4c884eacea490c7
Score

10^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2