General

  • Target

    a37ec219182123135e4ff88ddb37b0f2_JaffaCakes118

  • Size

    233B

  • Sample

    240613-ckr9ys1arc

  • MD5

    a37ec219182123135e4ff88ddb37b0f2

  • SHA1

    55d1a67abb281a6d968f5ec109a548ff69ddc19e

  • SHA256

    479999357edac82e78e544342298cf2a43c85943291e5601bf5e77ea0e0b6692

  • SHA512

    cb8d8d7676d7c78b25b5a5ba462770cb210213e4046048f70778adcce04300e637bb2eb103f049b66f65500812af01c5bdc7e66e4594b807514a69b236696aa0

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

https://www.upload.ee/download/12337666/a8502597ffba17fc467a/fuck.pdf

Targets

    Score
    10/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
