General
-
Target
5f400e8493c1d3733eb4138b2bd6ec29_JaffaCakes118
-
Size
250KB
-
Sample
240720-gf92esyepn
-
MD5
5f400e8493c1d3733eb4138b2bd6ec29
-
SHA1
0b0c7aa707609d477664d1ed53caaf2e8a373626
-
SHA256
0b8f2f97e7fa1460bc3897d153914f35cecc53d5bfd1033e3fe53f8bcb008e44
-
SHA512
017186307e3885c1e4f34aae1813b9d6fcba9232d47d3311722576be42a30f10c684f303b1c8bec85a9fc64c2ba05e60849b89975fe8d0957a4b96a1633f0618
-
SSDEEP
6144:hrafduD8i7BQKtxmvgs3alEUUai/NlV8stHI8s7mGgVsZNoz06FHb/OvX3GQ+GS5:hryu4SQKtxmvZ30EUUaiVlV8s906FHbT
Malware Config
Targets
-
-
Target
5f400e8493c1d3733eb4138b2bd6ec29_JaffaCakes118
-
Size
250KB
-
MD5
5f400e8493c1d3733eb4138b2bd6ec29
-
SHA1
0b0c7aa707609d477664d1ed53caaf2e8a373626
-
SHA256
0b8f2f97e7fa1460bc3897d153914f35cecc53d5bfd1033e3fe53f8bcb008e44
-
SHA512
017186307e3885c1e4f34aae1813b9d6fcba9232d47d3311722576be42a30f10c684f303b1c8bec85a9fc64c2ba05e60849b89975fe8d0957a4b96a1633f0618
-
SSDEEP
6144:hrafduD8i7BQKtxmvgs3alEUUai/NlV8stHI8s7mGgVsZNoz06FHb/OvX3GQ+GS5:hryu4SQKtxmvZ30EUUaiVlV8s906FHbT
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-