General
-
Target
6779ce241ef42c0d4fa5a0f696d33e92_JaffaCakes118
-
Size
1.7MB
-
Sample
240723-nzg83sthjg
-
MD5
6779ce241ef42c0d4fa5a0f696d33e92
-
SHA1
4ab56181194100b613c01303c8bd2a500ace7e69
-
SHA256
ef0f82b472aab1edf99b46c71976a7d823d3e9c903e45e0a79f770c57fc61160
-
SHA512
7e70bfa3a4925a6a88192201a2a9258586f7878d9e7802087e18b8659541b77c2e802e3615075ac8c59a1ba45b3376b8243e0d91a52889e8e85ce056304bb9c1
-
SSDEEP
12288:bdPqPFdPZdPrPFdPZdPiPFdPZdPFPFbSDyTFtj6PHdPZdPfPFdPZdPwPFdPZdPNe:UDyTFtjYDyTFtjODyo1tj
Malware Config
Targets
-
-
Target
6779ce241ef42c0d4fa5a0f696d33e92_JaffaCakes118
-
Size
1.7MB
-
MD5
6779ce241ef42c0d4fa5a0f696d33e92
-
SHA1
4ab56181194100b613c01303c8bd2a500ace7e69
-
SHA256
ef0f82b472aab1edf99b46c71976a7d823d3e9c903e45e0a79f770c57fc61160
-
SHA512
7e70bfa3a4925a6a88192201a2a9258586f7878d9e7802087e18b8659541b77c2e802e3615075ac8c59a1ba45b3376b8243e0d91a52889e8e85ce056304bb9c1
-
SSDEEP
12288:bdPqPFdPZdPrPFdPZdPiPFdPZdPFPFbSDyTFtj6PHdPZdPfPFdPZdPwPFdPZdPNe:UDyTFtjYDyTFtjODyo1tj
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-