General
-
Target
348311b0a982c9b93ab6cec99010398c_JaffaCakes118
-
Size
41KB
-
Sample
240710-ngqshaxape
-
MD5
348311b0a982c9b93ab6cec99010398c
-
SHA1
fd91cb902d533412964a0006a57cf8b8f30cc115
-
SHA256
1658436033caa97f4dbe821eef2f1f0427cfe4b6aaeae1dbff428ea65e08d118
-
SHA512
0fd4549dcf9defe07bcf3c42f4777430c325b29d5949802d1d4a7c742371532e42ae624932ce247b3120f6298a71e69ea0925039982f7632c214dbd147e7df9c
-
SSDEEP
768:mC6qxQuiqGbx4T/AScPIuqeDP6khdFtOwMxU+RUBJvOXa+:h6qxQui3mTxuPdhLtOwyUhIt
Malware Config
Targets
-
-
Target
348311b0a982c9b93ab6cec99010398c_JaffaCakes118
-
Size
41KB
-
MD5
348311b0a982c9b93ab6cec99010398c
-
SHA1
fd91cb902d533412964a0006a57cf8b8f30cc115
-
SHA256
1658436033caa97f4dbe821eef2f1f0427cfe4b6aaeae1dbff428ea65e08d118
-
SHA512
0fd4549dcf9defe07bcf3c42f4777430c325b29d5949802d1d4a7c742371532e42ae624932ce247b3120f6298a71e69ea0925039982f7632c214dbd147e7df9c
-
SSDEEP
768:mC6qxQuiqGbx4T/AScPIuqeDP6khdFtOwMxU+RUBJvOXa+:h6qxQui3mTxuPdhLtOwyUhIt
Score10/10-
Modifies firewall policy service
-
Stops running service(s)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-