6bfa5366c40cb47ed3c1863e757c8fa45e17b57cefa2534f00a4fa641b01e076

General

Target

fb2730c58f670c119a7f7e60b724e242_JaffaCakes118
Size

124KB
Sample

240928-ahq8rsyhlg
MD5

fb2730c58f670c119a7f7e60b724e242
SHA1

18edebef7b041cbe563b26d4e509ad9f6682727c
SHA256

6bfa5366c40cb47ed3c1863e757c8fa45e17b57cefa2534f00a4fa641b01e076
SHA512

dd905e8e684865d1bb1fccf800e36b07cdfe1dc189fdf5e86d40840170401eeddda4e4e50942e07df94f7d5472c054cd5fcd8e6ad3f55724978791f45f5ee202
SSDEEP

3072:HaF6FISxuJ8JtNkKzattyVO+XuQu3jvDXR:UOMeDw+Xu5TvDB

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  fb2730c58f670c119a7f7e60b724e242_JaffaCakes118
- Size
  
  124KB
- MD5
  
  fb2730c58f670c119a7f7e60b724e242
- SHA1
  
  18edebef7b041cbe563b26d4e509ad9f6682727c
- SHA256
  
  6bfa5366c40cb47ed3c1863e757c8fa45e17b57cefa2534f00a4fa641b01e076
- SHA512
  
  dd905e8e684865d1bb1fccf800e36b07cdfe1dc189fdf5e86d40840170401eeddda4e4e50942e07df94f7d5472c054cd5fcd8e6ad3f55724978791f45f5ee202
- SSDEEP
  
  3072:HaF6FISxuJ8JtNkKzattyVO+XuQu3jvDXR:UOMeDw+Xu5TvDB
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  .rsrc/0/RCDATA/PERES
- Size
  
  71KB
- MD5
  
  1025bceb15b7327f929d769f86e8edcd
- SHA1
  
  b4e4af5f6fe0aabe4de3afaccd7bb782278b0bf0
- SHA256
  
  bea9d54c54953e81f98ee4ee46193487ad85b7e94f25eab5518df944c70d2ae9
- SHA512
  
  b716e36eeb4a776c2f897547d922c36059a34a25df39784fc11c9a78893c9f9fe135ab3aa893cfe2fb4dce423628c9db698ac260984170253cc8d9a6baaaa4bc
- SSDEEP
  
  1536:lNGRKzc/bLlFT1sJDBOurXHgz5S+N3++uRvaRD:lNkKzattyVO+XuQu3jvD
Score

7^/10

discovery
- Loads dropped DLL
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral3 behavioral4