General
-
Target
0a6a0450c5f3a6a71773cf2e7b8e3171_JaffaCakes118
-
Size
160KB
-
Sample
240624-x65gmaygpe
-
MD5
0a6a0450c5f3a6a71773cf2e7b8e3171
-
SHA1
18f04da4d9fce3cf22706fe47e40511c7d9040a5
-
SHA256
4df8a24c646ac1e3a0021a1cbe4820a879c6763c0b7db0c1cafcba36deb9a8c9
-
SHA512
303e98cbdefa0cebc211978f66add874e358f10eb1187be83c066561a42512c13ca699368251c6efc9a0fad745b8f227cedb4406ce755ad5498449cb7a9ca317
-
SSDEEP
3072:eGzsrBCoe5g+GwJs8K9YUoIrJaRuSZ/JlQPj/PYv2wM0B2vmkHgHAGFAhI4oQZi8:eGwrDP9YErMRuSZ/JlQLHYv2PvzGAMAl
Static task
static1
Behavioral task
behavioral1
Sample
0a6a0450c5f3a6a71773cf2e7b8e3171_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
0a6a0450c5f3a6a71773cf2e7b8e3171_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
0a6a0450c5f3a6a71773cf2e7b8e3171_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-