General
-
Target
61bd7ba17214e93a5254253f89d92c0e_JaffaCakes118
-
Size
1.8MB
-
Sample
240721-2vy8pa1fjk
-
MD5
61bd7ba17214e93a5254253f89d92c0e
-
SHA1
06997b41f31cefb98b9fe27cfa5d08d3501ee925
-
SHA256
e11ea56696aee36f40a7c0bd488e312c98ffdcb1f2d69ae0b567d3137c500211
-
SHA512
102ae3a96d4d058ebfe7fee35d1341aedf2cbe1bd07d6cc14fe36849f47ca80a033c3886ab92829d2b72794f0e028a31d3a2b2cccbfe744e7b3ad2c3f47f8871
-
SSDEEP
24576:0WgxYrrlOhjRQAp5TwQtdAlw0aB29N41WEVSZVs3n8QHw5AL:0WzARd9tdAlw0aB29N41WcSZW38qL
Static task
static1
Behavioral task
behavioral1
Sample
61bd7ba17214e93a5254253f89d92c0e_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
61bd7ba17214e93a5254253f89d92c0e_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
Target
61bd7ba17214e93a5254253f89d92c0e_JaffaCakes118
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext