General
-
Target
f07efa5b4b8a3524164cd30fe9cb5b2e_JaffaCakes118
-
Size
2.0MB
-
Sample
240921-ymhzyszflh
-
MD5
f07efa5b4b8a3524164cd30fe9cb5b2e
-
SHA1
b5b07680f48a9cf77d77ab736843394b12e599a7
-
SHA256
9eea2b1b81605e01b97ce170f8ba54edcd75f922efa43e7a2cd64d028cdc6c93
-
SHA512
9d776c046bdcf4490c7922ea3f276786edd18cddfd767540f074cc817a310d1ac023ee4605e457d095674ec2c2aa9d036a0062dac9e6d4c56bbcf545a54c8c42
-
SSDEEP
49152:fdW6CS8CmAZhdqSnJa2bFVlzbnpLrfQMHNr1CLdW8HLVMegO696:fdyS8OhPa8VlDttBCLd1r6egt
Malware Config
Targets
-
-
Target
f07efa5b4b8a3524164cd30fe9cb5b2e_JaffaCakes118
-
Size
2.0MB
-
MD5
f07efa5b4b8a3524164cd30fe9cb5b2e
-
SHA1
b5b07680f48a9cf77d77ab736843394b12e599a7
-
SHA256
9eea2b1b81605e01b97ce170f8ba54edcd75f922efa43e7a2cd64d028cdc6c93
-
SHA512
9d776c046bdcf4490c7922ea3f276786edd18cddfd767540f074cc817a310d1ac023ee4605e457d095674ec2c2aa9d036a0062dac9e6d4c56bbcf545a54c8c42
-
SSDEEP
49152:fdW6CS8CmAZhdqSnJa2bFVlzbnpLrfQMHNr1CLdW8HLVMegO696:fdyS8OhPa8VlDttBCLd1r6egt
Score8/10-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-