General
-
Target
ae6922d784e7810a6bda8348e4d0affd_JaffaCakes118
-
Size
253KB
-
Sample
240820-jqwyna1aqg
-
MD5
ae6922d784e7810a6bda8348e4d0affd
-
SHA1
3ff17e04018cd9bec184b109d2c5c50fb372d5ec
-
SHA256
4b415dc9e3fb68d333f14a841643274352d33bf36b12701a650677fd2a29c17c
-
SHA512
37f1a0cfe5e8c51032821df0e51b1e012661000523ad0df5cff973aeedc1322defcf87f94eb0a377631c989dfa02fa0cac2bb1ff6ace24d89bdd9e54fa01a0cf
-
SSDEEP
6144:igkNDP7kEW6pa5z9uleJgU0LhctYC3FBk7Qq3:MzpaVtaU0FiYcBkf3
Static task
static1
Behavioral task
behavioral1
Sample
ae6922d784e7810a6bda8348e4d0affd_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
ae6922d784e7810a6bda8348e4d0affd_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
ae6922d784e7810a6bda8348e4d0affd_JaffaCakes118
-
Score
8/10
-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-