General
Target: 2bc4af985224f48328acbd9429820671_JaffaCakes118
Size: 2.1MB
Sample: 240708-k4sntsvakg
MD5: 2bc4af985224f48328acbd9429820671
SHA1: 77b7965085e4e780f7023aada0738702a7eb2f9b
SHA256: 6a81b0a706ef43885a8ad32fbc0c7aa091f8df0a8652c2b8f247e1db5003ebb0
SHA512: 1014950318359212e5970f286e7e3b5cacf364e51bd71480371b9b1af93a48e560b25388fbb3f94575cba77ef86ce1e06f705eeb668f82227ad06ea460c4f1d9
SSDEEP: 49152:K/X+WZEkOW/oTdqtrG/Zr8jdPRRAYKjY9tPG:ZWqOJtsZUdJi7jYvG
Static task: static1
Behavioral task: behavioral1
Sample: 2bc4af985224f48328acbd9429820671_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2bc4af985224f48328acbd9429820671_JaffaCakes118.exe
Resource: win10v2004-20240704-en
Malware Config
Targets
Target: 2bc4af985224f48328acbd9429820671_JaffaCakes118
Score 7/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Drops startup file
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.