General
-
Target
ec5cbf616ed9d659f5194e48a5841923_JaffaCakes118
-
Size
288KB
-
Sample
240411-begetsba9w
-
MD5
ec5cbf616ed9d659f5194e48a5841923
-
SHA1
c328291cf6f6367a748ab0a42774d26c02dba32e
-
SHA256
76faf453d6dd150b8c2216762802271d96329c3568be2c68b51bc689feba2225
-
SHA512
80c94dc44940f67c2ae08e8f5b58a819b921fec01e5a0b42c0b6c7493fc6d8b35ab518f6c29870a0b8f58d58827cdaeaf9637c48086e35212e03f7497be3e62c
-
SSDEEP
6144:YOcOHO54AO54pv0xkAjRLkJDAGZU2ZIDi:YOLHO54AO54pv0xkAjRLkJDAGZU2ZIDi
Static task
static1
Behavioral task
behavioral1
Sample
ec5cbf616ed9d659f5194e48a5841923_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
ec5cbf616ed9d659f5194e48a5841923_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
ec5cbf616ed9d659f5194e48a5841923_JaffaCakes118
Score: 10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-