General
-
Target
25f893dcd08407b78ab70900e029b395_JaffaCakes118
-
Size
7.9MB
-
Sample
240329-s64g4sbg3y
-
MD5
25f893dcd08407b78ab70900e029b395
-
SHA1
012eb171f126f5e830ab288bf7c14fb06ddec6b5
-
SHA256
4928c78c256aaf205f079fd77d8adb2c54098290aa75687796866cdd3f707006
-
SHA512
693fcd12fa04f54e8ab98f08b5c7517aa0e9fbcc2446a69957fd76e88c4002b7fd35fa38d2a1c7183c0f090848313e7bc151e328d9dbd34cf2cfa5bd16eb4113
-
SSDEEP
196608:8Sazg7DSmSazg7DSmSazg7DSmSazg7DSN:Yg7u6g7u6g7u6g7uN
Malware Config
Targets
-
-
Target
25f893dcd08407b78ab70900e029b395_JaffaCakes118
-
Size
7.9MB
-
MD5
25f893dcd08407b78ab70900e029b395
-
SHA1
012eb171f126f5e830ab288bf7c14fb06ddec6b5
-
SHA256
4928c78c256aaf205f079fd77d8adb2c54098290aa75687796866cdd3f707006
-
SHA512
693fcd12fa04f54e8ab98f08b5c7517aa0e9fbcc2446a69957fd76e88c4002b7fd35fa38d2a1c7183c0f090848313e7bc151e328d9dbd34cf2cfa5bd16eb4113
-
SSDEEP
196608:8Sazg7DSmSazg7DSmSazg7DSmSazg7DSN:Yg7u6g7u6g7u6g7uN
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-