General
-
Target
5aaaf3c05b4f3df5e79633a2112a7aa3_JaffaCakes118
-
Size
260KB
-
Sample
240719-gblg9svekq
-
MD5
5aaaf3c05b4f3df5e79633a2112a7aa3
-
SHA1
1ef7055270bfc10b7e4c827383a7a324f2548162
-
SHA256
b142c5c2af68373eb5f3278142d97b51a43c31dea12c43fc33a714d4f8ccfaf0
-
SHA512
526b0afe48c9b94f87d424145f8f64ebb25cd7a55e0960a57ab8d004a63bd4f56ff7a631540f46903a7b5f15bacc68ed780daafc3ef52be8c6c411ccfd1a99d5
-
SSDEEP
3072:JMXo1k8VAaU2O5CXuyDdhst9gM4Qt5OyhEAbE5jTdrvKfKzD2PHc5aUZg+hrRFeo:JIo1k8mGOweF9ydDKmyCaUZg+P
Malware Config
Targets
-
-
Target
5aaaf3c05b4f3df5e79633a2112a7aa3_JaffaCakes118
-
Size
260KB
-
MD5
5aaaf3c05b4f3df5e79633a2112a7aa3
-
SHA1
1ef7055270bfc10b7e4c827383a7a324f2548162
-
SHA256
b142c5c2af68373eb5f3278142d97b51a43c31dea12c43fc33a714d4f8ccfaf0
-
SHA512
526b0afe48c9b94f87d424145f8f64ebb25cd7a55e0960a57ab8d004a63bd4f56ff7a631540f46903a7b5f15bacc68ed780daafc3ef52be8c6c411ccfd1a99d5
-
SSDEEP
3072:JMXo1k8VAaU2O5CXuyDdhst9gM4Qt5OyhEAbE5jTdrvKfKzD2PHc5aUZg+hrRFeo:JIo1k8mGOweF9ydDKmyCaUZg+P
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-