General
-
Target
bc51d75e0ccb04f8f70150ef706f0467_JaffaCakes118
-
Size
652KB
-
Sample
240404-s91kmabg4s
-
MD5
bc51d75e0ccb04f8f70150ef706f0467
-
SHA1
60a0c47998fd29bebae1ccc55cd64fc047177704
-
SHA256
e1491149214b7dcc7ed61133b9141ec548159602958db025e62eff6eceb0a3a2
-
SHA512
a78420617c4bca0a4db584071f496d84bbc167f29f85f965c523f297cb754dd45698c685c35980235194e6cacd9575ec54b4dfd03cb838fd10dff882a315c987
-
SSDEEP
12288:tDvnZwsufJAODhPx6LefLT/e+GMn3deEE0WOMRxDmsEN2K/mXsQjMYAS:5/Zws/Otp6L8P3drE0WOMRBzEN5/W4Yf
Malware Config
Targets
-
-
Target
bc51d75e0ccb04f8f70150ef706f0467_JaffaCakes118
-
Size
652KB
-
MD5
bc51d75e0ccb04f8f70150ef706f0467
-
SHA1
60a0c47998fd29bebae1ccc55cd64fc047177704
-
SHA256
e1491149214b7dcc7ed61133b9141ec548159602958db025e62eff6eceb0a3a2
-
SHA512
a78420617c4bca0a4db584071f496d84bbc167f29f85f965c523f297cb754dd45698c685c35980235194e6cacd9575ec54b4dfd03cb838fd10dff882a315c987
-
SSDEEP
12288:tDvnZwsufJAODhPx6LefLT/e+GMn3deEE0WOMRxDmsEN2K/mXsQjMYAS:5/Zws/Otp6L8P3drE0WOMRBzEN5/W4Yf
Score10/10-
AdWind
A Java-based RAT family operated as malware-as-a-service.
-
Detect jar appended to MSI
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Modifies file permissions
-
Drops file in System32 directory
-