General
-
Target
a20a683436592e30d7bef17fbcd72487_JaffaCakes118
-
Size
2.3MB
-
Sample
240817-lmgexasbqn
-
MD5
a20a683436592e30d7bef17fbcd72487
-
SHA1
e9df5ef7775d6634b2da4e3f23cb854306414bec
-
SHA256
5579f59be44ed98431ec8aa6a1649ab7b545ce4bc794af4bca8691b6b9ae33d1
-
SHA512
d403e0a4f1518784d7f7227c574c7d0b0519f4a64a7dcdcbd7a806697c9da99d57aff02efdd5d35325e6c7113e3c450604df1845ed6cbf41a46ee6b5402eb394
-
SSDEEP
49152:nZYizJ0n0i89RQ7EdWf8xB0Hs8Wl6643Tt84voEttfdiBRTEmHvh:DJ0nyLXoYyHpWl6VxpwEbsnl
Static task
static1
Behavioral task
behavioral1
Sample
a20a683436592e30d7bef17fbcd72487_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
a20a683436592e30d7bef17fbcd72487_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
a20a683436592e30d7bef17fbcd72487_JaffaCakes118
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Drops file in System32 directory
-