General
-
Target
0ef87cbc9d1aca888a02cd1b59a32e69_JaffaCakes118
-
Size
143KB
-
Sample
240625-wa4psawfmr
-
MD5
0ef87cbc9d1aca888a02cd1b59a32e69
-
SHA1
e8fdd3aa0223fe50057fd2cbadc31407d7137a77
-
SHA256
3b8eecedd915c9026d77397220d256e89ac59c5770e7f056657054704203fe3f
-
SHA512
5658f2d4aedf1cf8f516eae912a25d0e2b3893d2b11d2efeb3ae183d316ed31fd3a0b0383853bd6810a630c9c3b1d81137b05ba5f47a9d08b4e757025212cfaf
-
SSDEEP
3072:tLxgbUPb1WpXVxAaGBvbNvNbNJkvmhyPQbaDTUXGIDbwKDqCtrwdAxaVTtVHLkN1:9xguoIDbByGPMsMP
Static task
static1
Behavioral task
behavioral1
Sample
0ef87cbc9d1aca888a02cd1b59a32e69_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
0ef87cbc9d1aca888a02cd1b59a32e69_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
0ef87cbc9d1aca888a02cd1b59a32e69_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-