General
-
Target
23ea730812e4ac3a83ca7cb4f764fd65_JaffaCakes118
-
Size
67KB
-
Sample
240703-3x6wzssgqm
-
MD5
23ea730812e4ac3a83ca7cb4f764fd65
-
SHA1
9a98d9d6b178f05393223e4a98726c9bb401083b
-
SHA256
a676bacf0c28ed30727376a52861af0ca1eb1768926b51827f1b87c2b6939f2e
-
SHA512
68995808ecd09911a70e35150b08b5c6fe87970b94e01f043741e5c2b2e82cd0380f7b5064e1e8960cc2616bca51742020998c267b94bd0d3c656fc0c89b7b24
-
SSDEEP
768:i1AuwHyeFo6NPIFAoslbf8eRYLGXdoIFbb5omuKWcbsvwnoT9D88888888888JXo:iOxyeFo6NPCAosxYyXdF5oy3VoKIdyq
Malware Config
Targets
-
-
Target
23ea730812e4ac3a83ca7cb4f764fd65_JaffaCakes118
-
Size
67KB
-
MD5
23ea730812e4ac3a83ca7cb4f764fd65
-
SHA1
9a98d9d6b178f05393223e4a98726c9bb401083b
-
SHA256
a676bacf0c28ed30727376a52861af0ca1eb1768926b51827f1b87c2b6939f2e
-
SHA512
68995808ecd09911a70e35150b08b5c6fe87970b94e01f043741e5c2b2e82cd0380f7b5064e1e8960cc2616bca51742020998c267b94bd0d3c656fc0c89b7b24
-
SSDEEP
768:i1AuwHyeFo6NPIFAoslbf8eRYLGXdoIFbb5omuKWcbsvwnoT9D88888888888JXo:iOxyeFo6NPCAosxYyXdF5oy3VoKIdyq
Score10/10-
Modifies WinLogon for persistence
-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-