4fd9ac39ba840a298ae238d690b1c19dcf1d65536d803cf0f0cb9b05212e5e72 | Triage

Sharing

General

Target

ee6712e7bfd92df1c33295d37a4a8159_JaffaCakes118
Size

1KB
Sample

240920-zn91haxfmk
MD5

ee6712e7bfd92df1c33295d37a4a8159
SHA1

4ab9cf5a4a9a0e4d369643eca016544e522ef6fa
SHA256

4fd9ac39ba840a298ae238d690b1c19dcf1d65536d803cf0f0cb9b05212e5e72
SHA512

eeabe3328cafa2ce2aeef7b99f7933388ee8df51c1d13de31e5ea651f80700571e5eb7a35b1e48ebf49fb87a786f9cff59f82b0f4dc5007fb8f6c1c38fc4c876

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://sepogy.epiain.com/v2/gl.php?aHR0cHM6Ly9zZXBvZ3kuZXBpYWluLmNvbS92Mnw2NDhR%

Targets

- Target
  
  NotaFiscal_Danfe_N43553454BR.lnk
- Size
  
  2KB
- MD5
  
  c3996410f80fd3137feb0f42074c71ca
- SHA1
  
  2da7caa8372ddb9e6601a029ed3d2128b5263b08
- SHA256
  
  11718e47eee14d48ff490b5443e430607968f9a18d95272e72e128c0c97c6234
- SHA512
  
  a706a0cd9c1a0443476067221786518a46c614a91f0937f384c7e8068d2ed85ff05e243e964556b34fc4c363d7296d229a47db1a37e78382825cf4f37294cb78
Score

10^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2