General
-
Target
fb62324191792a4298377deab42ea4cf_JaffaCakes118
-
Size
32KB
-
Sample
240419-272vcaaa65
-
MD5
fb62324191792a4298377deab42ea4cf
-
SHA1
2a9c003312f5577717df3982ed42badef54ac4a5
-
SHA256
dd3492b140004d0b8746e026648a1a2c3628e8c27bf73bed7bb8138ac7ef9ffb
-
SHA512
56e0c315479c8a1537f158b48e7aaa159ff2f5b87d329c7c1feb2a3236a38d324bef26781c558e2d43f13d39655c50cae1ebfcfbc30924c5630d1b409ea31866
-
SSDEEP
768:tJKVTZv/eUkH21SuluU9IO/jzm+xdHW2+FRth8:tEVTZv/fkHePf/HTdHo8
Malware Config
Targets
-
-
Target
fb62324191792a4298377deab42ea4cf_JaffaCakes118
-
Size
32KB
-
MD5
fb62324191792a4298377deab42ea4cf
-
SHA1
2a9c003312f5577717df3982ed42badef54ac4a5
-
SHA256
dd3492b140004d0b8746e026648a1a2c3628e8c27bf73bed7bb8138ac7ef9ffb
-
SHA512
56e0c315479c8a1537f158b48e7aaa159ff2f5b87d329c7c1feb2a3236a38d324bef26781c558e2d43f13d39655c50cae1ebfcfbc30924c5630d1b409ea31866
-
SSDEEP
768:tJKVTZv/eUkH21SuluU9IO/jzm+xdHW2+FRth8:tEVTZv/fkHePf/HTdHo8
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Drops file in System32 directory
-