General
Target: 3ad11125e0af63e6465ffdcc2fb86651_JaffaCakes118
Size: 250KB
Sample: 240711-1kssgsvgpq
MD5: 3ad11125e0af63e6465ffdcc2fb86651
SHA1: 0ddf42a3e92ee9fde0b62cd458d7ad6f121dc512
SHA256: 0c7bda14089e880212c9184cb0494e470bf247b388986ee8ba10ecb8ac9608cf
SHA512: 4a43e425177085ea8de84af21285dddceec6e5218d76e4841a4a1ff972524a14a159efc81a6c126d109236d88356cd6bbe4830b2178279c979da2128cedb6265
SSDEEP: 6144:trafCe8i7BQKtxmvgs3alEUUa/ZZ/NlV8stHI8s7mGgVsZNoz06FHb/OvX3GQ+GX:trXzSQKtxmvZ30EUUa3VlV8s906FHb/K
Static task: static1
Behavioral task: behavioral1
Sample: 3ad11125e0af63e6465ffdcc2fb86651_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 3ad11125e0af63e6465ffdcc2fb86651_JaffaCakes118.exe
Resource: win10v2004-20240704-en
Malware Config
Targets
Target: 3ad11125e0af63e6465ffdcc2fb86651_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application