General
-
Target
f4f71bb2bb264d88552eb31ccbf94954_JaffaCakes118
-
Size
184KB
-
Sample
240417-ebrceaed2t
-
MD5
f4f71bb2bb264d88552eb31ccbf94954
-
SHA1
939ed961207277c52ce56790f508348e985eae17
-
SHA256
c0dc6bab7942066aa5bb7389e16028a670e55171cfb758fa073d7e3ffe91b898
-
SHA512
068a08c3669870a8ac52026da6a37d39bbb7064f7e3bf693479cbfb103edaaffc5c986875c3b076a6b7b24e7b7f02ad60baee40d1547552730b5fbe256a6020a
-
SSDEEP
3072:OI5r7BV9YUdtG716ennADVHMfcRAGKB+uMTEd1CT:Oibu1tnADVsERAGKB+uSEd
Static task
static1
Behavioral task
behavioral1
Sample
f4f71bb2bb264d88552eb31ccbf94954_JaffaCakes118.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
f4f71bb2bb264d88552eb31ccbf94954_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
f4f71bb2bb264d88552eb31ccbf94954_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-