General
-
Target
3a6fa72965a4658867506af0a9e4c997_JaffaCakes118
-
Size
277KB
-
Sample
240711-x4dwwszhpr
-
MD5
3a6fa72965a4658867506af0a9e4c997
-
SHA1
50360410222e553121c2563425442ebc5dde28d3
-
SHA256
5485f28ca73829b395863d65b0be53b32b3105d74cdbd2fd401d7a34bda8b879
-
SHA512
219d0aa2a6fb21338455dbaacc146d275decf89b3777ca096968294d679a382a67e49401f05cf5d32f0bd21c85234d5fb45483a78899e2582391b0f446b7cfc0
-
SSDEEP
6144:hSpt+OKXbTkZS3qSeF+ywwW18YO+Pa8nzbt1SgGm0q3:Et6oZRSQhBpCzbtcgz
Malware Config
Targets
-
-
Target
3a6fa72965a4658867506af0a9e4c997_JaffaCakes118
-
Size
277KB
-
MD5
3a6fa72965a4658867506af0a9e4c997
-
SHA1
50360410222e553121c2563425442ebc5dde28d3
-
SHA256
5485f28ca73829b395863d65b0be53b32b3105d74cdbd2fd401d7a34bda8b879
-
SHA512
219d0aa2a6fb21338455dbaacc146d275decf89b3777ca096968294d679a382a67e49401f05cf5d32f0bd21c85234d5fb45483a78899e2582391b0f446b7cfc0
-
SSDEEP
6144:hSpt+OKXbTkZS3qSeF+ywwW18YO+Pa8nzbt1SgGm0q3:Et6oZRSQhBpCzbtcgz
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-