General
-
Target
bd6e80a157f36680184eff16db827de5_JaffaCakes118
-
Size
173KB
-
Sample
240823-2hxjbs1cph
-
MD5
bd6e80a157f36680184eff16db827de5
-
SHA1
9ab9eba21c522638973e606233b2a9ac253b1005
-
SHA256
2dfd24911df71284d1d661f2b88b222c1e9e00f97b48b02cde9876908a67cd98
-
SHA512
8b96cf866dca774e5d25d7d38d1002baecc95feaeb73e16bc160d554cb47cd2992b76c91a4c962ac67eab839b76308baf777cf3e9fcc9389aa1f352ac3c900d6
-
SSDEEP
3072:l4jg7Y+U+jUXQuXxp8HGlmEKuJn5CKYzOhNA/s3GM+VvCfl1BLgGIczjx25yZB22:le0UXQuXj8mMoJnkz6NMFMJpgGIOU5Md
Static task
static1
Behavioral task
behavioral1
Sample
bd6e80a157f36680184eff16db827de5_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
bd6e80a157f36680184eff16db827de5_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
bd6e80a157f36680184eff16db827de5_JaffaCakes118
-
Score
8/10
-
Disables RegEdit via registry modification
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-