General
Target: 18074c8038daa5b4d6ae74042b5c5b86_JaffaCakes118
Size: 172KB
Sample: 240627-3za74asbqk
MD5: 18074c8038daa5b4d6ae74042b5c5b86
SHA1: f5e382028e8a1256892c03d228aca269efec699d
SHA256: 0dbdf7228d1c43605e97842f76833cba99fad007ec8f562973da0175d2c0a23a
SHA512: 34c3b3a484997473dd5dcaeb4a5a586c0f017e02c8af6af87db91b26c964c073b38371b0e69f05ef4bd87ba0c5c5c685bef704bb2f9effdb3b9c831421fe7b15
SSDEEP: 3072:NbFoTPb4wBD1yyoJueXNym40kf5rIGn5sKI+lWC3xnE235eDNCezA4L6U0tqC6U4:NbG3D4VJlXNym40kf5rIGn5sKIjC3xn2
Static task: static1
Behavioral task: behavioral1
  Sample: 18074c8038daa5b4d6ae74042b5c5b86_JaffaCakes118.exe
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: 18074c8038daa5b4d6ae74042b5c5b86_JaffaCakes118.exe
  Resource: win10v2004-20240508-en
Malware Config
Targets
Target
18074c8038daa5b4d6ae74042b5c5b86_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application