General
-
Target
ffe0725f8f70f4e1e13f301906a3aa25_JaffaCakes118
-
Size
17KB
-
Sample
240421-wxcjtagf98
-
MD5
ffe0725f8f70f4e1e13f301906a3aa25
-
SHA1
2284f8ecbc7f92e8985e431f62fddca8793218f7
-
SHA256
c536aa72e5340413ad0bb7a1e4d675438c5301015523cb1801b7253b8053d1b9
-
SHA512
dc314e1c01b27dff323cd2967627e41a997e821b7c37d94f75a75d484dbffe8d472d2ae03985b340cd74be545331d3424a58738c86f164e4ac9fb7f3801c22ef
-
SSDEEP
384:xFHfPvdIUcmZO2Zp+Nye8pqrmub8TyztsDN:xtNIUoKK8o8TyJc
Malware Config
Targets
-
-
Target
ffe0725f8f70f4e1e13f301906a3aa25_JaffaCakes118
-
Size
17KB
-
MD5
ffe0725f8f70f4e1e13f301906a3aa25
-
SHA1
2284f8ecbc7f92e8985e431f62fddca8793218f7
-
SHA256
c536aa72e5340413ad0bb7a1e4d675438c5301015523cb1801b7253b8053d1b9
-
SHA512
dc314e1c01b27dff323cd2967627e41a997e821b7c37d94f75a75d484dbffe8d472d2ae03985b340cd74be545331d3424a58738c86f164e4ac9fb7f3801c22ef
-
SSDEEP
384:xFHfPvdIUcmZO2Zp+Nye8pqrmub8TyztsDN:xtNIUoKK8o8TyJc
Score8/10-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-