General
-
Target
614b1b9f053453e0bf204b88af8376e5_JaffaCakes118
-
Size
232KB
-
Sample
240721-zbnlqstbnb
-
MD5
614b1b9f053453e0bf204b88af8376e5
-
SHA1
8b193f09ec4494542c9d2114c45d45ab7c25830f
-
SHA256
fda4cd4292b8b82ddb4420feec9043812237ed6057b33124f4d4ebbcf0e97cb1
-
SHA512
3be1cf0f47a5f6fdab47fd2cd6bb4802a0b7baf07edf2e9e389be85ca1fad6523ce33e622ff4d124a6823cdf6e1cc594e42e58c253bee8100a8cd376d2e3cfa5
-
SSDEEP
6144:YyH3PFKs78vpRTlEqxF6snji81RUinKbLx:bPhp
Static task
static1
Behavioral task
behavioral1
Sample
614b1b9f053453e0bf204b88af8376e5_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
614b1b9f053453e0bf204b88af8376e5_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
-
Target
614b1b9f053453e0bf204b88af8376e5_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-