General
-
Target
003ebc02979788d54503d677624b9573_JaffaCakes118
-
Size
3.0MB
-
Sample
240426-hxlktsbd65
-
MD5
003ebc02979788d54503d677624b9573
-
SHA1
e1c8371cb1528b3349edfd56b41cdc0b25789aa1
-
SHA256
328ce7e6262695a3fccbd1e1faf5ef0a119bf58eb7263ca4f3c1ac6a747aa5b6
-
SHA512
e6e4581454c9dbc595c9fb489b0d5972dca0d71e8bafd188d19127baa8348c9a82f97e8388c2b3485a09739c19d3fe1653185cc0d0423117ba72887e01eb641b
-
SSDEEP
49152:4XkFaYyNnAkRnBLR3CzyHiUQrGlVWNApdgmL2z1MBLzqy4H5t6Jkg7Iy3:xUT5AkRBLR3g2iUQrK8OjzLyhyYamK
Malware Config
Targets
-
-
Target
003ebc02979788d54503d677624b9573_JaffaCakes118
-
Size
3.0MB
-
MD5
003ebc02979788d54503d677624b9573
-
SHA1
e1c8371cb1528b3349edfd56b41cdc0b25789aa1
-
SHA256
328ce7e6262695a3fccbd1e1faf5ef0a119bf58eb7263ca4f3c1ac6a747aa5b6
-
SHA512
e6e4581454c9dbc595c9fb489b0d5972dca0d71e8bafd188d19127baa8348c9a82f97e8388c2b3485a09739c19d3fe1653185cc0d0423117ba72887e01eb641b
-
SSDEEP
49152:4XkFaYyNnAkRnBLR3CzyHiUQrGlVWNApdgmL2z1MBLzqy4H5t6Jkg7Iy3:xUT5AkRBLR3g2iUQrK8OjzLyhyYamK
Score8/10-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-
Drops file in System32 directory
-