General
-
Target
ae71fe0158db6330ecadb5224b8568dd_JaffaCakes118
-
Size
189KB
-
Sample
240820-jyswza1eja
-
MD5
ae71fe0158db6330ecadb5224b8568dd
-
SHA1
b1c632e8ff6c92018ffcace281d83c4b1244b93b
-
SHA256
facb89f13f7e78ab1a420d1b4a29d4be0ae88f5e0e7470bcd84a51e35bf5155f
-
SHA512
1056a6a96caf3152504855813f8deefbbb65dffd8575ab2c4de6b5265aa757299be8230be14477ef4344bdd7f0a4514146c2450b212536e4cd61277dbe686fa8
-
SSDEEP
3072:vCNmpyGyeln0Ao6QDfSwmF0GIb/Osi6csQjpCJCQ/B5JB8dQiJ96HjtOCY:ompyG1lnMfSIDO56cs8szvYQ5HZHY
Malware Config
Targets
-
-
Target
ae71fe0158db6330ecadb5224b8568dd_JaffaCakes118
-
Size
189KB
-
MD5
ae71fe0158db6330ecadb5224b8568dd
-
SHA1
b1c632e8ff6c92018ffcace281d83c4b1244b93b
-
SHA256
facb89f13f7e78ab1a420d1b4a29d4be0ae88f5e0e7470bcd84a51e35bf5155f
-
SHA512
1056a6a96caf3152504855813f8deefbbb65dffd8575ab2c4de6b5265aa757299be8230be14477ef4344bdd7f0a4514146c2450b212536e4cd61277dbe686fa8
-
SSDEEP
3072:vCNmpyGyeln0Ao6QDfSwmF0GIb/Osi6csQjpCJCQ/B5JB8dQiJ96HjtOCY:ompyG1lnMfSIDO56cs8szvYQ5HZHY
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-