General
-
Target
0cd1687a0afa006054641ca20c7666f3_JaffaCakes118
-
Size
240KB
-
Sample
240625-f9t2mawdqq
-
MD5
0cd1687a0afa006054641ca20c7666f3
-
SHA1
1a9e2368f344bbcf35877db3617fff1519ae4b11
-
SHA256
1b9e98fcc073dabee841fbae8df595dc6515c581c437da23d567b21757780a5c
-
SHA512
80f114c722508bccb4d7fd598ce13735fe0bed3834e8711d7e5b9e33175c29f8ab7407cabf454663b5ebc32bca78b13895679135372153579c4b6d22bcfd1b98
-
SSDEEP
6144:SUw3dwqsNwemAB0EqxF6snji81RUinKchhyKSQ:4dQQJsF
Malware Config
Targets
-
-
Target
0cd1687a0afa006054641ca20c7666f3_JaffaCakes118
-
Size
240KB
-
MD5
0cd1687a0afa006054641ca20c7666f3
-
SHA1
1a9e2368f344bbcf35877db3617fff1519ae4b11
-
SHA256
1b9e98fcc073dabee841fbae8df595dc6515c581c437da23d567b21757780a5c
-
SHA512
80f114c722508bccb4d7fd598ce13735fe0bed3834e8711d7e5b9e33175c29f8ab7407cabf454663b5ebc32bca78b13895679135372153579c4b6d22bcfd1b98
-
SSDEEP
6144:SUw3dwqsNwemAB0EqxF6snji81RUinKchhyKSQ:4dQQJsF
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-