General
-
Target
18debbd56f06d86a1eaeeb67c6e7a987_JaffaCakes118
-
Size
312KB
-
Sample
240628-fn72csvfml
-
MD5
18debbd56f06d86a1eaeeb67c6e7a987
-
SHA1
5ffb4f1383176706da2d9cecbd2368d11441bacd
-
SHA256
ee2b7aec69d49f4e0f5b21e95e3f7f5a0a7cbd47b891d996fecd21e2c403b389
-
SHA512
d00f7e982954f4ab56f4e7ff4aa3919742fc66294d728d836dbec615c7409efb0bbeede1ca9ce831def9e16a9c8ea278cca7cefbb7a5bd4f253af4cb57219bca
-
SSDEEP
3072:E1TsZWqobBOxJYwExxusUwadNX0sQ84O1fNnoPBEtFjjUcsFP84K6yXX7:2TlBOxJYw4xusUwsJ0sQmWWuPxnyXX7
Static task
static1
Behavioral task
behavioral1
Sample
18debbd56f06d86a1eaeeb67c6e7a987_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
18debbd56f06d86a1eaeeb67c6e7a987_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
18debbd56f06d86a1eaeeb67c6e7a987_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-