General
-
Target
f1ab0da6555211260da39bc65d18e69b_JaffaCakes118
-
Size
1001KB
-
Sample
240415-wq4pqacg89
-
MD5
f1ab0da6555211260da39bc65d18e69b
-
SHA1
2e68d098aaf88b35934dce2e7187f0a85e2d9332
-
SHA256
908d707816c510eca9eca1f2ef43e600d6a8ef8ee0e0e80d1e24d169d599c5cb
-
SHA512
d40f763a46cfd3efaca57c312da385a40f1a8235d657f6f6af42b49b69c026d9215f494cf1586e47ddd03fbe8f0cb4375f3ab653cb5286aa1229f05161068b41
-
SSDEEP
24576:LWE2SV6iH+sQN4LRLwvQ+L256qZhCNr/B7uy6:iUdH+s8Y+aZo7B7
Malware Config
Targets
-
-
Target
f1ab0da6555211260da39bc65d18e69b_JaffaCakes118
-
Size
1001KB
-
MD5
f1ab0da6555211260da39bc65d18e69b
-
SHA1
2e68d098aaf88b35934dce2e7187f0a85e2d9332
-
SHA256
908d707816c510eca9eca1f2ef43e600d6a8ef8ee0e0e80d1e24d169d599c5cb
-
SHA512
d40f763a46cfd3efaca57c312da385a40f1a8235d657f6f6af42b49b69c026d9215f494cf1586e47ddd03fbe8f0cb4375f3ab653cb5286aa1229f05161068b41
-
SSDEEP
24576:LWE2SV6iH+sQN4LRLwvQ+L256qZhCNr/B7uy6:iUdH+s8Y+aZo7B7
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of SetThreadContext
-