General
-
Target
1632f1469ea09f14b1f27c9690a62374_JaffaCakes118
-
Size
240KB
-
Sample
240627-qx2k2swelr
-
MD5
1632f1469ea09f14b1f27c9690a62374
-
SHA1
4721a355b669cea5dcdc731318c3c2277b044916
-
SHA256
76038cc51ecea922009238aa578151fe8efacd31a88009f9c5f9bd4d6795c304
-
SHA512
afe9ce71f2c092664903bb5748c9d658b6bc307a7960dcf01be2ed21915888ceba4cb1da5be3559cefc004650d29a8d6f13e7a4a4f5a88d821099f44ef0ff0f5
-
SSDEEP
6144:bR3dwqsNTNEXGlQR58EqxF6snji81RUinKq3aEESliDr:bddQKjeaEEp
Static task
static1
Behavioral task
behavioral1
Sample
1632f1469ea09f14b1f27c9690a62374_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
1632f1469ea09f14b1f27c9690a62374_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
Target
1632f1469ea09f14b1f27c9690a62374_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-