General
-
Target
a327d250e7bbf917a430e061928a0620_JaffaCakes118
-
Size
316KB
-
Sample
240613-at25ea1brk
-
MD5
a327d250e7bbf917a430e061928a0620
-
SHA1
e0a9f9ff30e7490778f2016b09c021b5861ffc92
-
SHA256
4e7534a8e4f5f30d307129c8afcf0ba2d109de663d5263c03065e88e4a2ad109
-
SHA512
d1340e66b7eb0ddf2a789ef202d2e0995e807f4459e891aecdcd7b9e0b2ab00bc02d5218922c1fea0021956b1069aca0b49b77f609901cbd4f6f713b32d83e85
-
SSDEEP
6144:c49F//ILV18/sGqFEQBTYjkXs0qO+q17Xwcd8sTVzzQWkpEvWvikTvZ4FX4rQ54:c49KB18nWEQBT+kXs0tDlVzzHvUfTS8f
Static task
static1
Behavioral task
behavioral1
Sample
info.scr
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
info.scr
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
info.scr
-
Size
437KB
-
MD5
c75624c40c430ca50d418767035ad89a
-
SHA1
b45deccb9657a9042a02088914b63a3c00ed9282
-
SHA256
54537c67270e641f94efd1fa7e226965fb968e5fa7293b4926132eb6eab4fb51
-
SHA512
9a9bed1099412fa6f1eabdee3350afc42bf5d87ebb23c5e4afcd177974c8da52f0cc02236225aacb31f20cc14669771d0f8999eaba11d714c8c5b1b105e3bb2f
-
SSDEEP
6144:nyzggsbLf3igYynSaBtDs6Co+7B+xRlpnEEPMI8nzU8BIcAFwqw:nyzEd3BBlsZoSBQ6OMrzU4JAFwqw
Score
8/10
-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Adds Run key to start application
-
Drops file in System32 directory
-
Sets desktop wallpaper using registry
-
Suspicious use of SetThreadContext
-