General
-
Target
02431063dfe9346d3ae20e678516d6b4_JaffaCakes118
-
Size
9.7MB
-
Sample
240427-dfsklahe89
-
MD5
02431063dfe9346d3ae20e678516d6b4
-
SHA1
18613d51ba5a65bd7e77eacc4a388a5ba02cc716
-
SHA256
6e50e75b1108215c347e32248ade14215406851c86403ba1b7146e5aa00205a1
-
SHA512
13ffc1b720cfc60bc9f5b51d58deb551ec04061572fb40ecc6c868fb3669a6a748760cc6e4b7a6a1d00d93f093cc72ef0c505dd7041319ca63dadb6965cb5958
-
SSDEEP
98304:LY3/Y33Y3AY35Y3MY3ZY3sY3iY3EY3YY3uY3tY3bY3:kw49OxORb5lvKE
Malware Config
Targets
-
-
Target
02431063dfe9346d3ae20e678516d6b4_JaffaCakes118
-
Size
9.7MB
-
MD5
02431063dfe9346d3ae20e678516d6b4
-
SHA1
18613d51ba5a65bd7e77eacc4a388a5ba02cc716
-
SHA256
6e50e75b1108215c347e32248ade14215406851c86403ba1b7146e5aa00205a1
-
SHA512
13ffc1b720cfc60bc9f5b51d58deb551ec04061572fb40ecc6c868fb3669a6a748760cc6e4b7a6a1d00d93f093cc72ef0c505dd7041319ca63dadb6965cb5958
-
SSDEEP
98304:LY3/Y33Y3AY35Y3MY3ZY3sY3iY3EY3YY3uY3tY3bY3:kw49OxORb5lvKE
Score10/10-
FakeAV, RogueAntivirus
FakeAV or Rogue AntiVirus is a class of malware that displays false alert messages.
-
FakeAV payload
-
Adds Run key to start application
-
Drops file in System32 directory
-