General
-
Target
b8967e61dbf22931d0a7e3c0680c0618_JaffaCakes118
-
Size
81KB
-
Sample
240822-wmbjrssgmm
-
MD5
b8967e61dbf22931d0a7e3c0680c0618
-
SHA1
c63631b8e112b59c6a431345e2cd4b9b388f666b
-
SHA256
7982c3ed3ec2821ac055324bf93812a7ae050edb3fca257b65441ca312b884ba
-
SHA512
9e204e18c49bdbfb562752ace595e6eae9268a7332be7c8921420bb2b418921f11be6d0afad2647e45b0c4816001a6c5d96bb0f303d40a17fdad3f69186d8977
-
SSDEEP
1536:MbAvRAYLm7CXxJWVI3Dmc0zQIx1GZkw0teDdFQTZBFoYTbmFTMYJ4Ps:MMygYrc0Zx4ZkvKu4AbmFdSs
Static task
static1
Behavioral task
behavioral1
Sample
b8967e61dbf22931d0a7e3c0680c0618_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
b8967e61dbf22931d0a7e3c0680c0618_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
b8967e61dbf22931d0a7e3c0680c0618_JaffaCakes118
Score
7/10
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.