General
-
Target
44fb5ba17d8a42a60fa82c6dd7c2a707_JaffaCakes118
-
Size
172KB
-
Sample
240714-jy71wsvekc
-
MD5
44fb5ba17d8a42a60fa82c6dd7c2a707
-
SHA1
59e2239b0d837d350ac1e13c8ae1868535c9276e
-
SHA256
9ec94c01d6a9cf0bb7da720a5efda7818904fc7fa27ab703087ef8a91a192eb4
-
SHA512
7fced9b16be2cc1f9c78a08db29d1d89813f2ee2e0a8af33c356d5596fa852d7344226c8c82d677c04acaca04662aad808e29d659aba3c36bc9ffc150e219349
-
SSDEEP
3072:P2o6Zb6DKJW6jbZJ4oJDsOeMPEQ8HLCpUZS7o3SFnAsD:eNzJxPZJr4szSeUlunH
Malware Config
Targets
-
-
Target
44fb5ba17d8a42a60fa82c6dd7c2a707_JaffaCakes118
-
Size
172KB
-
MD5
44fb5ba17d8a42a60fa82c6dd7c2a707
-
SHA1
59e2239b0d837d350ac1e13c8ae1868535c9276e
-
SHA256
9ec94c01d6a9cf0bb7da720a5efda7818904fc7fa27ab703087ef8a91a192eb4
-
SHA512
7fced9b16be2cc1f9c78a08db29d1d89813f2ee2e0a8af33c356d5596fa852d7344226c8c82d677c04acaca04662aad808e29d659aba3c36bc9ffc150e219349
-
SSDEEP
3072:P2o6Zb6DKJW6jbZJ4oJDsOeMPEQ8HLCpUZS7o3SFnAsD:eNzJxPZJr4szSeUlunH
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-