General
-
Target
25aae6ba9b88f8cb3d49fe0f78827fe8_JaffaCakes118
-
Size
86KB
-
Sample
240704-wbz3zsshlg
-
MD5
25aae6ba9b88f8cb3d49fe0f78827fe8
-
SHA1
0164e22a977189ad02dfeeff0c346d3fceb5bae9
-
SHA256
be13c234396cdf8735450786edb014517352e7896646c6639e05367f5abf9e29
-
SHA512
7d43f8cd0e1a08add7651acf5fe14fd6e1c6573786cff2f1de081a6aa62a301ff3449e92ef8be640c22e744f1f6231bc02f574dfc8acfdb2af5b1848c621fdd7
-
SSDEEP
1536:Za3+ddygX7y9v7Z+NoykJHBOAFRfBjG3EdoIX:w8dfX7y9DZ+N7eB+hIX
Static task
static1
Behavioral task
behavioral1
Sample
25aae6ba9b88f8cb3d49fe0f78827fe8_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
25aae6ba9b88f8cb3d49fe0f78827fe8_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
25aae6ba9b88f8cb3d49fe0f78827fe8_JaffaCakes118
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies visibility of file extensions in Explorer
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-