General
-
Target
03bacf112cb9cbabc9a5d807aaebcf8e_JaffaCakes118
-
Size
256KB
-
Sample
240620-hgfdwavaka
-
MD5
03bacf112cb9cbabc9a5d807aaebcf8e
-
SHA1
4d812070e43a4312636b7f39f87e1b6a0fc299c3
-
SHA256
aeefdd9253151905bc051e071d29cbca18c5ed4531c949b6c12698f051894303
-
SHA512
dbc1e5848ab80d1d9f24d1bf180e0793ff0bf9649f84e4e30d29020fc1bfaf6200040107ea4e1441b9e8cec16662d3ac5e39ced235b13e450f987b6129f6a814
-
SSDEEP
6144:GZ86/lKv0HDYrkJd2y2PIGpB0ljmHfasED19+mVRUX1q2o:lyF2wqojm3ED1noq2o
Static task
static1
Behavioral task
behavioral1
Sample
03bacf112cb9cbabc9a5d807aaebcf8e_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
03bacf112cb9cbabc9a5d807aaebcf8e_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
03bacf112cb9cbabc9a5d807aaebcf8e_JaffaCakes118
-
Score
8/10
-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-