General
-
Target
f56eb7305dc3507cc1a666cece1b2be5_JaffaCakes118
-
Size
572KB
-
Sample
240925-hma2ca1crr
-
MD5
f56eb7305dc3507cc1a666cece1b2be5
-
SHA1
40fc3985de09ce66ecf4859bb47ebddcab4c98d2
-
SHA256
7ba333522c5c8504ba2f09bfde52cb356154d8169f925b41e385c8c7a65c2d27
-
SHA512
07e9f279a8f40a733ad817f794cee5f8532351fa4b4b59b6616abe38754e561ba054d203fd6624467615324a91c5b9a9f3ad066768d390359c69dbf34ca0c69b
-
SSDEEP
12288:dxrcBVrhSHoh2eOW0XvkkrGzNNzVoR5s/m70jOweN3L/F:XgBSHohH0XvfCJVo6mBwW35
Malware Config
Targets
-
-
Target
f56eb7305dc3507cc1a666cece1b2be5_JaffaCakes118
-
Size
572KB
-
MD5
f56eb7305dc3507cc1a666cece1b2be5
-
SHA1
40fc3985de09ce66ecf4859bb47ebddcab4c98d2
-
SHA256
7ba333522c5c8504ba2f09bfde52cb356154d8169f925b41e385c8c7a65c2d27
-
SHA512
07e9f279a8f40a733ad817f794cee5f8532351fa4b4b59b6616abe38754e561ba054d203fd6624467615324a91c5b9a9f3ad066768d390359c69dbf34ca0c69b
-
SSDEEP
12288:dxrcBVrhSHoh2eOW0XvkkrGzNNzVoR5s/m70jOweN3L/F:XgBSHohH0XvfCJVo6mBwW35
Score7/10-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-