General
-
Target
eda8b5f3e378fe847e0580e205eb33fd_JaffaCakes118
-
Size
256KB
-
Sample
240411-r12kwsgf9y
-
MD5
eda8b5f3e378fe847e0580e205eb33fd
-
SHA1
f833ebe6a1e3bf312fc1ac1974115d2d49ca9490
-
SHA256
46f7f4ef8cace4c42fd6659c5a735a7dde4f13cc7494ca17e2a9f3e96208c9a1
-
SHA512
77e9cea8d7bd13de670a5009e00ff2e0097a069a70921986abee671f5298532f734ee33c7293a04db7ab2578c90264e7b60de4bbe76dfd08b1d0db8f1fd7532a
-
SSDEEP
3072:x0bfWRrIMNRlZ62Pal2LBJXmzOHm5WZ3K+MCBOQ39cOaRr5ZGPVB:xWepp3PJXCOGY3egOQ39cC
Malware Config
Targets
-
-
Target
eda8b5f3e378fe847e0580e205eb33fd_JaffaCakes118
-
Size
256KB
-
MD5
eda8b5f3e378fe847e0580e205eb33fd
-
SHA1
f833ebe6a1e3bf312fc1ac1974115d2d49ca9490
-
SHA256
46f7f4ef8cace4c42fd6659c5a735a7dde4f13cc7494ca17e2a9f3e96208c9a1
-
SHA512
77e9cea8d7bd13de670a5009e00ff2e0097a069a70921986abee671f5298532f734ee33c7293a04db7ab2578c90264e7b60de4bbe76dfd08b1d0db8f1fd7532a
-
SSDEEP
3072:x0bfWRrIMNRlZ62Pal2LBJXmzOHm5WZ3K+MCBOQ39cOaRr5ZGPVB:xWepp3PJXCOGY3egOQ39cC
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-