Extracted

• • Target

    edd1ba6ed1e88ac13caacd2b05442fc9_JaffaCakes118

  • Size

    1KB

  • MD5

    edd1ba6ed1e88ac13caacd2b05442fc9

  • SHA1

    139a667a77a6cccd02b3adb93650a05c999ba48d

  • SHA256

    9741cb496407d8982a7996a59651bce8981139b34630fa49d27d390c1e75c4ce

  • SHA512

    996656d7ee14b8c09014e8a61a2c3ad6ee13efc1b5da730286274b7c58e027ff1efb2fc097d4eced47c3aa2ef1501bac8bbf164845fda7c9550bf583d4ca7104

  Score

  10^/10

  execution

  • Blocklisted process makes network request

  • Command and Scripting Interpreter: PowerShell

    Run Powershell and hide display window.

    execution

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  behavioral1behavioral2