General
-
Target
877e1836ef0722467e1f0e60c2b17875_JaffaCakes118
-
Size
354KB
-
Sample
240810-yw5kbawbrp
-
MD5
877e1836ef0722467e1f0e60c2b17875
-
SHA1
a5069cb0f3431eb3c32806e5322090725f65f600
-
SHA256
731fb67573991adb1b9c76cd6ff7104dd9a57fa057fae6b3d0cd5cb04021edf3
-
SHA512
caf48313b6e9f1e85cff67d91416e09f9c08e0596a0c756985a475badf9dbb682a3c8db8c7b6d5548c9fbe0c98dcbd7b2b5ef2e331795119f47baa5b9a801070
-
SSDEEP
6144:bgOviFZ3FvaZGCbuFaplyBWa2cf07oPxl9XzLDGO71iKFGOso/Qhm5Vsr8:b/iFdFv0GCbu9Wa2cf0cxLXjH4KF+lhm
Malware Config
Targets
-
-
Target
877e1836ef0722467e1f0e60c2b17875_JaffaCakes118
-
Size
354KB
-
MD5
877e1836ef0722467e1f0e60c2b17875
-
SHA1
a5069cb0f3431eb3c32806e5322090725f65f600
-
SHA256
731fb67573991adb1b9c76cd6ff7104dd9a57fa057fae6b3d0cd5cb04021edf3
-
SHA512
caf48313b6e9f1e85cff67d91416e09f9c08e0596a0c756985a475badf9dbb682a3c8db8c7b6d5548c9fbe0c98dcbd7b2b5ef2e331795119f47baa5b9a801070
-
SSDEEP
6144:bgOviFZ3FvaZGCbuFaplyBWa2cf07oPxl9XzLDGO71iKFGOso/Qhm5Vsr8:b/iFdFv0GCbu9Wa2cf0cxLXjH4KF+lhm
Score8/10-
Adds policy Run key to start application
-
Drops file in Drivers directory
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-
Drops file in System32 directory
-