General
Target: 25ddfdfce968b1ce4c80d0cfb42bab72_JaffaCakes118
Size: 64KB
Sample: 240704-xhelastblp
MD5: 25ddfdfce968b1ce4c80d0cfb42bab72
SHA1: ad5344a7b1f0de0dd9d13857f88e6f0e630d2fe7
SHA256: 854df326224ae9d76375a73c7d2b94218fb540657645e1dcf86956b2d456f825
SHA512: 10460d34dc8a8592be6192b867faf8c34a5b105d695225230f3219502eb4cad79d8172023157e692a3f21c8bef82394a07879198e378882f74178893e697fb9c
SSDEEP: 768:DBZGFIzzF1/mjNgXYVdl6ih18TRZWsArsglR9kAX6ge6MLZfOnsXE09hLdX5hBa:DPdpceiQZWpL9kAqge68lvra
Static task: static1
Behavioral task: behavioral1
Sample: 25ddfdfce968b1ce4c80d0cfb42bab72_JaffaCakes118.dll
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 25ddfdfce968b1ce4c80d0cfb42bab72_JaffaCakes118.dll
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 25ddfdfce968b1ce4c80d0cfb42bab72_JaffaCakes118
Size: 64KB
Score: 8/10
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.