General
Target: 8addc63d80b07436a03a4b59fc0ebdce_JaffaCakes118
Size: 2.3MB
Sample: 240811-smxv8azajb
MD5: 8addc63d80b07436a03a4b59fc0ebdce
SHA1: cea4bc29dfbae6ab3a70f25ce3e7b1f8939efa5b
SHA256: 908ce5c79adb2747ef59a96a058c1a2c878b41241f5cf5a7e04f4fa374762cfd
SHA512: 3ba2a6117ab3771737b6ce3d9dc3505bf898f850a018ec548493ebe3b03481b7817994dcfbf5efd098a290fc266fd47083ab6e4a9b64b09f3febeda3f21da632
SSDEEP: 49152:VuuE7AkqIxGrGYyZa/tgrYJUGfZC3wA6EylfwEaFW:XE7AfrlyutLxC3sEwwM
Static task: static1
Behavioral task: behavioral1
Sample: 8addc63d80b07436a03a4b59fc0ebdce_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 8addc63d80b07436a03a4b59fc0ebdce_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 8addc63d80b07436a03a4b59fc0ebdce_JaffaCakes118
Score: 7/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Writes to the Master Boot Record (MBR): Bootkits write to the MBR to gain persistence at a level below the operating system.