General
-
Target
0dc3e3afa6ee3edeb0b35dab41f605d5_JaffaCakes118
-
Size
256KB
-
Sample
240625-mq61eaxgqq
-
MD5
0dc3e3afa6ee3edeb0b35dab41f605d5
-
SHA1
a85b6a8084c2d714211ad86283a4b5a5d11f73c1
-
SHA256
14064044bd947383ddc23b53663ffaa5515f3306e55270f2fe11746347668d8a
-
SHA512
3de3b2aaf6eb6bd3d686d702e13c0d9bc6832ef4ea08c73dd845bda5172eb42071e0e240e5ab3493cd946a495ac8a5da2507e58a22d5f4bb2d72867ebb2574d1
-
SSDEEP
3072:rfnlSlAJg1aVTYovL0aKVRy2MmNnAP9AaKm8lOb7gTsUeTq3f3rie+eMZfIrWbS+:DlCA0iMybSXlIEnN0BicThOtMKg
Malware Config
Targets
-
-
Target
0dc3e3afa6ee3edeb0b35dab41f605d5_JaffaCakes118
-
Size
256KB
-
MD5
0dc3e3afa6ee3edeb0b35dab41f605d5
-
SHA1
a85b6a8084c2d714211ad86283a4b5a5d11f73c1
-
SHA256
14064044bd947383ddc23b53663ffaa5515f3306e55270f2fe11746347668d8a
-
SHA512
3de3b2aaf6eb6bd3d686d702e13c0d9bc6832ef4ea08c73dd845bda5172eb42071e0e240e5ab3493cd946a495ac8a5da2507e58a22d5f4bb2d72867ebb2574d1
-
SSDEEP
3072:rfnlSlAJg1aVTYovL0aKVRy2MmNnAP9AaKm8lOb7gTsUeTq3f3rie+eMZfIrWbS+:DlCA0iMybSXlIEnN0BicThOtMKg
Score8/10-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-