General
-
Target
3ae17545d6421cf2d33168c1bed689bb_JaffaCakes118
-
Size
101KB
-
Sample
240711-1xr2qawcqn
-
MD5
3ae17545d6421cf2d33168c1bed689bb
-
SHA1
c5be51d88e8fcfc37a9715a66791aaf397ffaa73
-
SHA256
ec6e7d70e6449bebbbb51f35777af9eb4a4af7e28151753739258617b5109200
-
SHA512
106456777a2b1ba72d18297d4a93e0fc56635030a337f8e67ef5a0101d2624f84c12048e21637aa35d4718b05f55b2c1501c8ec94f3da754a58f6931b31d3e79
-
SSDEEP
3072:AwXprx78KStV9b3wwaTluYWbhWKRWYEZ:XZrWntTTww+lrwd
Static task
static1
Behavioral task
behavioral1
Sample
3ae17545d6421cf2d33168c1bed689bb_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
3ae17545d6421cf2d33168c1bed689bb_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
3ae17545d6421cf2d33168c1bed689bb_JaffaCakes118
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
Drops file in System32 directory
-