General
-
Target
654ddb208ab36138438aa0c8ded37c75_JaffaCakes118
-
Size
256KB
-
Sample
240722-3tqqlawdjk
-
MD5
654ddb208ab36138438aa0c8ded37c75
-
SHA1
8fccb11bdfe76efc24f69969aaed4967d645bd33
-
SHA256
458cef20933fef753da4685179ea777410b0bc2dcfdaf25d6d10b74c1384f5be
-
SHA512
e9bd26d2a43be5b5650ac21d5e2c490af58c1ce779ce9049113f1625c01299c630af0ccc81113f8e298aba7bc1c0db260ae3d61824c4011e3fcc597857040dd9
-
SSDEEP
6144:+v7cMvoNymi+7eeyz2P9NnnnFCpImnTZygoHlKnvmb7/D26UBnmbLBXQT:+AMvoNymi+7eOP9anTZygoHlKnvmb7/g
Malware Config
Targets
-
-
Target
654ddb208ab36138438aa0c8ded37c75_JaffaCakes118
-
Size
256KB
-
MD5
654ddb208ab36138438aa0c8ded37c75
-
SHA1
8fccb11bdfe76efc24f69969aaed4967d645bd33
-
SHA256
458cef20933fef753da4685179ea777410b0bc2dcfdaf25d6d10b74c1384f5be
-
SHA512
e9bd26d2a43be5b5650ac21d5e2c490af58c1ce779ce9049113f1625c01299c630af0ccc81113f8e298aba7bc1c0db260ae3d61824c4011e3fcc597857040dd9
-
SSDEEP
6144:+v7cMvoNymi+7eeyz2P9NnnnFCpImnTZygoHlKnvmb7/D26UBnmbLBXQT:+AMvoNymi+7eOP9anTZygoHlKnvmb7/g
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-