General
-
Target
00ccdf7cdcea82ad9ce888952c00e288_JaffaCakes118
-
Size
318KB
-
Sample
240930-l8n2watfpd
-
MD5
00ccdf7cdcea82ad9ce888952c00e288
-
SHA1
daf73b2b71a0739e7ec1b856d7163714ae1ddfab
-
SHA256
e8627e936864dfefdd73b2f16cbb59bfc963f1d310d34ef9ab39b7ab11a4d0b7
-
SHA512
b435bfc318f954a0f08c7ce888161ec3ae8aaa029531ee95c7b8138b6397f4291c758632f00ec54d68b2718e0137ca01e9ef52efdabd38cf4a1bf45b3cd2bcdb
-
SSDEEP
6144:/xIr+R6R95TzlyHRlrKK1/19kk4vutHQQB4r6yfk6aXFywQJfA8ldkjb:/GrEszkHRlhLkk42tHpB4Oyfk68FywQ4
Malware Config
Targets
-
-
Target
00ccdf7cdcea82ad9ce888952c00e288_JaffaCakes118
-
Size
318KB
-
MD5
00ccdf7cdcea82ad9ce888952c00e288
-
SHA1
daf73b2b71a0739e7ec1b856d7163714ae1ddfab
-
SHA256
e8627e936864dfefdd73b2f16cbb59bfc963f1d310d34ef9ab39b7ab11a4d0b7
-
SHA512
b435bfc318f954a0f08c7ce888161ec3ae8aaa029531ee95c7b8138b6397f4291c758632f00ec54d68b2718e0137ca01e9ef52efdabd38cf4a1bf45b3cd2bcdb
-
SSDEEP
6144:/xIr+R6R95TzlyHRlrKK1/19kk4vutHQQB4r6yfk6aXFywQJfA8ldkjb:/GrEszkHRlhLkk42tHpB4Oyfk68FywQ4
Score8/10-
Adds policy Run key to start application
-
Drops file in Drivers directory
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-
Drops file in System32 directory
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-