General
-
Target
0863af978ed4bcc502c3408535e3e0ea_JaffaCakes118
-
Size
76KB
-
Sample
240624-n7gmhs1clh
-
MD5
0863af978ed4bcc502c3408535e3e0ea
-
SHA1
50bbc5b393a3452ae4aa594da5d582b676bcc798
-
SHA256
22996f918eaa151297c0b8497408634f8ac0fef74e394b5b3a37aa75e2964a6c
-
SHA512
e6b6a844fe775fddb71282b885cd9dfb05e242df14c81aa0a4d7a8e60119d9ae8532b8975a2a86eb1734b53309cbbb367ba7a229d8f73e4fe3bd4ae766a669a5
-
SSDEEP
1536:dZpibrjRkDgfnzFB9oCnyo2Vl8Eb3W7+ClJ6z8820n:d2brjRJfnJB3nyoWV3ilJq20n
Malware Config
Targets
-
-
Target
0863af978ed4bcc502c3408535e3e0ea_JaffaCakes118
-
Size
76KB
-
MD5
0863af978ed4bcc502c3408535e3e0ea
-
SHA1
50bbc5b393a3452ae4aa594da5d582b676bcc798
-
SHA256
22996f918eaa151297c0b8497408634f8ac0fef74e394b5b3a37aa75e2964a6c
-
SHA512
e6b6a844fe775fddb71282b885cd9dfb05e242df14c81aa0a4d7a8e60119d9ae8532b8975a2a86eb1734b53309cbbb367ba7a229d8f73e4fe3bd4ae766a669a5
-
SSDEEP
1536:dZpibrjRkDgfnzFB9oCnyo2Vl8Eb3W7+ClJ6z8820n:d2brjRJfnJB3nyoWV3ilJq20n
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Disables use of System Restore points
-
Event Triggered Execution: Image File Execution Options Injection
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Impair Defenses: Safe Mode Boot
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-