General
-
Target
88f765f569dd3558228e0a7a8c5e22d9_JaffaCakes118
-
Size
147KB
-
Sample
240811-exm7wavdkp
-
MD5
88f765f569dd3558228e0a7a8c5e22d9
-
SHA1
ccacb555c79cd449169da8a6d0bd8b863aaedb2b
-
SHA256
46768c1281dea1d72167cc5f7901f9a12588e69323a34d7ffbdb71662c11fdd5
-
SHA512
d258b625b485c1e2eeddd04047ea16202b341d5ee50dc1b8d45dfc7be44ca465f23a66053b67e368b129dbfdc0b2f8fafad2ad777c5bf45d48b387207922a95a
-
SSDEEP
3072:gCTCd857nhEcMiplVvauR3C9DthcASPQuHJZt7:gW57hEh0jrC9D6HZ7
Malware Config
Targets
-
-
Target
88f765f569dd3558228e0a7a8c5e22d9_JaffaCakes118
-
Size
147KB
-
MD5
88f765f569dd3558228e0a7a8c5e22d9
-
SHA1
ccacb555c79cd449169da8a6d0bd8b863aaedb2b
-
SHA256
46768c1281dea1d72167cc5f7901f9a12588e69323a34d7ffbdb71662c11fdd5
-
SHA512
d258b625b485c1e2eeddd04047ea16202b341d5ee50dc1b8d45dfc7be44ca465f23a66053b67e368b129dbfdc0b2f8fafad2ad777c5bf45d48b387207922a95a
-
SSDEEP
3072:gCTCd857nhEcMiplVvauR3C9DthcASPQuHJZt7:gW57hEh0jrC9D6HZ7
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-