General
-
Target
0eebbc2aeb4f69fb37e18b32c82fedf0_JaffaCakes118
-
Size
661KB
-
Sample
241003-k9f7zswakl
-
MD5
0eebbc2aeb4f69fb37e18b32c82fedf0
-
SHA1
0316374272a15f8dc830b062788ee4fb65eaa526
-
SHA256
a828998e325b19ff3391f4be8c871ad5ec66dcccd716ee06430c57ba00bc48cf
-
SHA512
f0eb7c2e95a4d63c26b6b91e2a3ce2bb881858a808fc36c15636fd8ad2194af6ed3c07600d680950f488c8e93e6486631f972d16847a01bd3d01199905e1ea58
-
SSDEEP
12288:t4SACCy0pOX3rR1xEOJqUYbECyK8ZKOgCJNKosAd3YjyEyZFeI3eUF:tvjpHrhdcdEjKOtJNKoJ3OyZFXv
Malware Config
Targets
-
-
Target
0eebbc2aeb4f69fb37e18b32c82fedf0_JaffaCakes118
-
Size
661KB
-
MD5
0eebbc2aeb4f69fb37e18b32c82fedf0
-
SHA1
0316374272a15f8dc830b062788ee4fb65eaa526
-
SHA256
a828998e325b19ff3391f4be8c871ad5ec66dcccd716ee06430c57ba00bc48cf
-
SHA512
f0eb7c2e95a4d63c26b6b91e2a3ce2bb881858a808fc36c15636fd8ad2194af6ed3c07600d680950f488c8e93e6486631f972d16847a01bd3d01199905e1ea58
-
SSDEEP
12288:t4SACCy0pOX3rR1xEOJqUYbECyK8ZKOgCJNKosAd3YjyEyZFeI3eUF:tvjpHrhdcdEjKOtJNKoJ3OyZFXv
Score8/10-
Disables Task Manager via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-