General
-
Target
8d228745844907f92b765e3948861613_JaffaCakes118
-
Size
13KB
-
Sample
240812-d2axnsxepf
-
MD5
8d228745844907f92b765e3948861613
-
SHA1
38af14bb81719bef8892d39b5d746edeed038b7c
-
SHA256
a04e9a97ec911d75337bd8ccf019b8d1118b89346c96c9d3319e855a26087eb1
-
SHA512
2ce0db4567c2ee1c091d7b9a29f0dba5b231c6e6d71665bf7d2097e1efa9646634feda1471f5b209d4c996db042ed4ab68f35d3fc18a28861e08cacfdfa9d18a
-
SSDEEP
384:mW4eyoW4T4oxlTeolp1LTzAf0nhRJJyr2:QaZHlpJTz20h1D
Malware Config
Targets
-
-
Target
8d228745844907f92b765e3948861613_JaffaCakes118
-
Size
13KB
-
MD5
8d228745844907f92b765e3948861613
-
SHA1
38af14bb81719bef8892d39b5d746edeed038b7c
-
SHA256
a04e9a97ec911d75337bd8ccf019b8d1118b89346c96c9d3319e855a26087eb1
-
SHA512
2ce0db4567c2ee1c091d7b9a29f0dba5b231c6e6d71665bf7d2097e1efa9646634feda1471f5b209d4c996db042ed4ab68f35d3fc18a28861e08cacfdfa9d18a
-
SSDEEP
384:mW4eyoW4T4oxlTeolp1LTzAf0nhRJJyr2:QaZHlpJTz20h1D
Score8/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-