General
-
Target
2f1457eb74bd24be7fc8101466cdd018_JaffaCakes118
-
Size
100KB
-
Sample
240709-frqw9axdrp
-
MD5
2f1457eb74bd24be7fc8101466cdd018
-
SHA1
45072dd3b322429aefa680ed1a21417febd4b0fc
-
SHA256
24c58fccaf3dd0e52d27acb196a0ca4b6373f7d2ee34777c49580b34f9091b47
-
SHA512
15c6960c96a66cccf047417440d32f51d46756b03a64cf550ffa49aba4bab559cec7ec8cca2c62448c1ba87249f8d06a0d05afb984051e85714349e05eb19d79
-
SSDEEP
1536:TpWAcX220mQ5txJKIRGWcOUP7vXArnY1ZqAefzyesWNIjN:10Q5oNAfzyeFCN
Malware Config
Targets
-
-
Target
2f1457eb74bd24be7fc8101466cdd018_JaffaCakes118
-
Size
100KB
-
MD5
2f1457eb74bd24be7fc8101466cdd018
-
SHA1
45072dd3b322429aefa680ed1a21417febd4b0fc
-
SHA256
24c58fccaf3dd0e52d27acb196a0ca4b6373f7d2ee34777c49580b34f9091b47
-
SHA512
15c6960c96a66cccf047417440d32f51d46756b03a64cf550ffa49aba4bab559cec7ec8cca2c62448c1ba87249f8d06a0d05afb984051e85714349e05eb19d79
-
SSDEEP
1536:TpWAcX220mQ5txJKIRGWcOUP7vXArnY1ZqAefzyesWNIjN:10Q5oNAfzyeFCN
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-