General
-
Target
e987477b0d14b6d7075f0105aa28ba92_JaffaCakes118
-
Size
4.8MB
-
Sample
240409-jzfyssde5v
-
MD5
e987477b0d14b6d7075f0105aa28ba92
-
SHA1
54bb1ac38e517b3adf97ccb38b0d3a8ce71b1fab
-
SHA256
4fe326571995d0c02e822c70ad842f70b5f217c4a8dd4ed979f196b60711e00b
-
SHA512
bb6fc302409d60e918d130a48708bd83851b50bda20481436ab65d2091d061e61018617c542cfb8df090f79992ce9393fed2341bd1b8a38af4829a2f4383af68
-
SSDEEP
98304:8Sis3whP2XB/9Jp3KbjnCDHMz+7ZrrZPx3AqadVQnnPcMj:S92x/vNungMIZfZPx3knQPck
Malware Config
Targets
-
-
Target
e987477b0d14b6d7075f0105aa28ba92_JaffaCakes118
-
Size
4.8MB
-
MD5
e987477b0d14b6d7075f0105aa28ba92
-
SHA1
54bb1ac38e517b3adf97ccb38b0d3a8ce71b1fab
-
SHA256
4fe326571995d0c02e822c70ad842f70b5f217c4a8dd4ed979f196b60711e00b
-
SHA512
bb6fc302409d60e918d130a48708bd83851b50bda20481436ab65d2091d061e61018617c542cfb8df090f79992ce9393fed2341bd1b8a38af4829a2f4383af68
-
SSDEEP
98304:8Sis3whP2XB/9Jp3KbjnCDHMz+7ZrrZPx3AqadVQnnPcMj:S92x/vNungMIZfZPx3knQPck
Score10/10-
Babadeda
Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.
-
Babadeda Crypter
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-