General
-
Target
2d50a9e7c9ce385655e9408cba81f88c_JaffaCakes118
-
Size
5.0MB
-
Sample
241009-jfbvqsvcjn
-
MD5
2d50a9e7c9ce385655e9408cba81f88c
-
SHA1
49ebcadf049da78ed30fe9908f62882113300e0c
-
SHA256
6c670d51c822d424e1e15bcec6e3f8a311474a6550b12fc06057e358d69d2ae4
-
SHA512
465036da7046763d8566bd15d784197bac7d4f9f7d4852ec5145c850f9188fe49f040cf86a4eeaa99ac42303c7cde21e116662c0112b071d2dbb339a9cc5ec41
-
SSDEEP
98304:uTWwuT/Y5DZ4FwOvQm5xhmwAkG/UVbOygKzCW8WYiwOBpIeWjWHK:u95DZ/OvQcpAj/UVCXVi1zwn
Malware Config
Targets
-
-
Target
2d50a9e7c9ce385655e9408cba81f88c_JaffaCakes118
-
Size
5.0MB
-
MD5
2d50a9e7c9ce385655e9408cba81f88c
-
SHA1
49ebcadf049da78ed30fe9908f62882113300e0c
-
SHA256
6c670d51c822d424e1e15bcec6e3f8a311474a6550b12fc06057e358d69d2ae4
-
SHA512
465036da7046763d8566bd15d784197bac7d4f9f7d4852ec5145c850f9188fe49f040cf86a4eeaa99ac42303c7cde21e116662c0112b071d2dbb339a9cc5ec41
-
SSDEEP
98304:uTWwuT/Y5DZ4FwOvQm5xhmwAkG/UVbOygKzCW8WYiwOBpIeWjWHK:u95DZ/OvQcpAj/UVCXVi1zwn
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-