General
-
Target
36658031885947b34da48b909a6297f2_JaffaCakes118
-
Size
100KB
-
Sample
240710-z1jdbaseqe
-
MD5
36658031885947b34da48b909a6297f2
-
SHA1
714e3b6a17adc6e78ad5c78350ef09bff4a6f435
-
SHA256
40fd9d7eb14df4a1d1c8fadddfaf49e9b430c36f8d2e88425bef65b5d2e1c6d4
-
SHA512
a202cd485b8c33ee7bdc56e7e954a675c288d070020705247484e99b16bb2f312d3e713e82af2dcfedb75dde3a0a89130f7ad604ce8bfc19f17fa478b8d65f4b
-
SSDEEP
1536:dttGG82NTzw5MGAc4ohrPXo+73Rez8b0SyKNIjnZrJ:lwgurPX7CKCnlJ
Malware Config
Targets
-
-
Target
36658031885947b34da48b909a6297f2_JaffaCakes118
-
Size
100KB
-
MD5
36658031885947b34da48b909a6297f2
-
SHA1
714e3b6a17adc6e78ad5c78350ef09bff4a6f435
-
SHA256
40fd9d7eb14df4a1d1c8fadddfaf49e9b430c36f8d2e88425bef65b5d2e1c6d4
-
SHA512
a202cd485b8c33ee7bdc56e7e954a675c288d070020705247484e99b16bb2f312d3e713e82af2dcfedb75dde3a0a89130f7ad604ce8bfc19f17fa478b8d65f4b
-
SSDEEP
1536:dttGG82NTzw5MGAc4ohrPXo+73Rez8b0SyKNIjnZrJ:lwgurPX7CKCnlJ
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-