General
-
Target
fff8b62c2dd2477e65e051bac0e6e4bd_JaffaCakes118
-
Size
55KB
-
Sample
240930-e56zysshjb
-
MD5
fff8b62c2dd2477e65e051bac0e6e4bd
-
SHA1
a4e3971bf87f8e8f389ad0cd099cdee1b26d2209
-
SHA256
dcaac12144961f7c9cca69d772312a968dc5cbca4f5e6a55ccc3d67e2a880223
-
SHA512
95c0cdb5affbeee74a9c0ca5b78ba89a7d56c002bbe4c6c050da195959ad35d7cfa17c8b4ad16dc1ef3167d3eac193798ebfe667157ac0159e81a9b8c2bdd9be
-
SSDEEP
1536:FUt0xMRO29ekerqGA0QdMBII3Iy1i5lES6xKy8j:Fk0xMRO8mqmQ/I3xwlES6xJ8j
Malware Config
Targets
-
-
Target
fff8b62c2dd2477e65e051bac0e6e4bd_JaffaCakes118
-
Size
55KB
-
MD5
fff8b62c2dd2477e65e051bac0e6e4bd
-
SHA1
a4e3971bf87f8e8f389ad0cd099cdee1b26d2209
-
SHA256
dcaac12144961f7c9cca69d772312a968dc5cbca4f5e6a55ccc3d67e2a880223
-
SHA512
95c0cdb5affbeee74a9c0ca5b78ba89a7d56c002bbe4c6c050da195959ad35d7cfa17c8b4ad16dc1ef3167d3eac193798ebfe667157ac0159e81a9b8c2bdd9be
-
SSDEEP
1536:FUt0xMRO29ekerqGA0QdMBII3Iy1i5lES6xKy8j:Fk0xMRO8mqmQ/I3xwlES6xJ8j
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-