General
-
Target
d1c3616123c99ee9ef6f5291609f15a4_JaffaCakes118
-
Size
236KB
-
Sample
240907-mx5e6a1akb
-
MD5
d1c3616123c99ee9ef6f5291609f15a4
-
SHA1
bf0a4960e9f9b2fb23e300a73b56fcaa8e15765b
-
SHA256
09e8322a1373fb56641f3529958693e7bb993eb9d9ef6dfc02c4d1337fea079d
-
SHA512
619a801712a170e34d40882a7ba874c01e5a008bf1da439cd23b7c639dc98525719eac39c155396f508991a61f3eaf9af1ade74aa3eed75a89435e5875ccfbf7
-
SSDEEP
3072:VdRZeGJgfQ8YWX/Y7bdhMk+gafcjcKOmkTiGUmeMcaKyDeGUC+UGU8TWhnu1S:lZemgoRWXAdh/+gSaOp/Uvj2DRrNnc
Malware Config
Targets
-
-
Target
d1c3616123c99ee9ef6f5291609f15a4_JaffaCakes118
-
Size
236KB
-
MD5
d1c3616123c99ee9ef6f5291609f15a4
-
SHA1
bf0a4960e9f9b2fb23e300a73b56fcaa8e15765b
-
SHA256
09e8322a1373fb56641f3529958693e7bb993eb9d9ef6dfc02c4d1337fea079d
-
SHA512
619a801712a170e34d40882a7ba874c01e5a008bf1da439cd23b7c639dc98525719eac39c155396f508991a61f3eaf9af1ade74aa3eed75a89435e5875ccfbf7
-
SSDEEP
3072:VdRZeGJgfQ8YWX/Y7bdhMk+gafcjcKOmkTiGUmeMcaKyDeGUC+UGU8TWhnu1S:lZemgoRWXAdh/+gSaOp/Uvj2DRrNnc
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-