General
-
Target
f576fb70250aecee421413812165b2cf_JaffaCakes118
-
Size
705KB
-
Sample
240417-ldsftacd9v
-
MD5
f576fb70250aecee421413812165b2cf
-
SHA1
b47c89f5ee4b67e344d7981b3b1b7be96f31f04c
-
SHA256
8e7cb0d2a8b6bef4d3593241f68d25043a559db262b51e332cb2dc5e6dc9d76b
-
SHA512
95817095003b6aeb11ef5080acb0f3af3ead2fb3eb1c1a7e2e3b1c6fcb931f9a96bcae0da1dfdfca3bdc06d60c40da54adb98c23d99f7cd3a2ac25107653adfa
-
SSDEEP
12288:tDJnJM4OpSpnO8kTZlMro5FB4ODBrfpl7NvrZlcGakjKTQF17yPft5QCbX:VJnJM4OqTW34WFB4ODd7NNlqkjxFJcTv
Static task
static1
Malware Config
Targets
-
-
Target
f576fb70250aecee421413812165b2cf_JaffaCakes118
-
Size
705KB
-
MD5
f576fb70250aecee421413812165b2cf
-
SHA1
b47c89f5ee4b67e344d7981b3b1b7be96f31f04c
-
SHA256
8e7cb0d2a8b6bef4d3593241f68d25043a559db262b51e332cb2dc5e6dc9d76b
-
SHA512
95817095003b6aeb11ef5080acb0f3af3ead2fb3eb1c1a7e2e3b1c6fcb931f9a96bcae0da1dfdfca3bdc06d60c40da54adb98c23d99f7cd3a2ac25107653adfa
-
SSDEEP
12288:tDJnJM4OpSpnO8kTZlMro5FB4ODBrfpl7NvrZlcGakjKTQF17yPft5QCbX:VJnJM4OqTW34WFB4ODd7NNlqkjxFJcTv
-
Expiro payload
-
Disables taskbar notifications via registry modification
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-