General
-
Target
0c0eb4a702559920b1a33060aee8237e_JaffaCakes118
-
Size
228KB
-
Sample
240625-cylpbsyhrk
-
MD5
0c0eb4a702559920b1a33060aee8237e
-
SHA1
b13e16e0b304a609f3a6e4c56478394161fc51b2
-
SHA256
0e286cb3cb352f71c8ed8c6240e19b69931e4eb9695ad3f3ca6f6cd8d04d3537
-
SHA512
6a21e3fac7b578d265eb638c18d9a605b54f21c8ec0a0c3ce8374a6b54c5bc1c712ee303c6ae672abeba0908aa4b44b59ad3f4ff22bd35ae4266380c95afc312
-
SSDEEP
6144:1KEp3dwqsNy5ibpNjl4EqxF6snji81RUinKICf:AEldQxlf
Static task
static1
Behavioral task
behavioral1
Sample
0c0eb4a702559920b1a33060aee8237e_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0c0eb4a702559920b1a33060aee8237e_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
0c0eb4a702559920b1a33060aee8237e_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-