General
-
Target
3f31f52d241f94edd1f34b83988d89f4_JaffaCakes118
-
Size
140KB
-
Sample
240712-2tfpystgmp
-
MD5
3f31f52d241f94edd1f34b83988d89f4
-
SHA1
f8bb0b6b7401646ead4b9c66a2d1d866ad3ff2ea
-
SHA256
312f4aa9652b7954026b329873fc89ca056ca85cf012ba738d261ad7946a66d9
-
SHA512
8adfbd7351cdb4f352d3d3ee5cdc790e37268d5f6a14f0ee238e0f1ceceee3f5965a2601481292f9eaa6f0429ab3740c81f388ac69b6dad9cf8b37c927573dbd
-
SSDEEP
3072:Fbso9wgRkWwuXdzDwWX0fTIZOaA481GkQr+drjOBgqEqh:FQWwuXdzDwWX0fTIZOaAYkQrGrjOBgh
Static task
static1
Behavioral task
behavioral1
Sample
3f31f52d241f94edd1f34b83988d89f4_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
3f31f52d241f94edd1f34b83988d89f4_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
-
-
Target
3f31f52d241f94edd1f34b83988d89f4_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-