General
-
Target
6fde3b35d1eecedd758557b9adbe4627_JaffaCakes118
-
Size
534KB
-
Sample
240725-ragg2avfrg
-
MD5
6fde3b35d1eecedd758557b9adbe4627
-
SHA1
cd474cbd54d476628aeaf0fc32d9e2f2e7e25f45
-
SHA256
ab95894306d850fd2cd42d3e6d40c30db10ff48d366ccbe2fbdac85ab8188d86
-
SHA512
e80b6d5671b1aac0b48d9bee7b96c970bcf6fb8481ba6395c305be6fdb93580f39981fb88932b2dc677d5f47e8a06c2a74e2343a14e8d88709f86a6cf1e9a544
-
SSDEEP
12288:qCIpTMMnMMMMMUTsIGJjYIRgcg/kihARikicQSfpyUBoXEs:ENMMnMMMMMksBJFJg/kaARikicQgyb
Static task
static1
Behavioral task
behavioral1
Sample
6fde3b35d1eecedd758557b9adbe4627_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
6fde3b35d1eecedd758557b9adbe4627_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
6fde3b35d1eecedd758557b9adbe4627_JaffaCakes118
Score
8/10
-
Disables Task Manager via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-