General
-
Target
42c8c15d0dfd6b91f6e143f032a8e5dc_JaffaCakes118
-
Size
857KB
-
Sample
241014-sfeq3avdqn
-
MD5
42c8c15d0dfd6b91f6e143f032a8e5dc
-
SHA1
c2af0d5c1e5bf3847ebee9486fa3c432039a1b2c
-
SHA256
ed8552f863e2ed47d4a395ee4ac1ad922ab1f462dfff9d55fe36c536f77816a1
-
SHA512
3770cae5e300c2c8e80b2604a3c01d65dd052089109f37e33a466e497b839a74577fbe7a3729262b54bac9c2aff93e839b7e9d932dc7d627d983ff4106e1c250
-
SSDEEP
24576:grNHdMZ2DJdpcwzo35G1rlGaIpyn5720ZFHdVh0+gHaHMk8X4e8ljtXj:QNC2DdbzoirlopoP10+g6sN4JtT
Static task
static1
Behavioral task
behavioral1
Sample
360Safe.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
360Safe.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
360Safe.exe
-
Size
1.4MB
-
MD5
ebb0e69443cf4d7e7bacbddb46a2351a
-
SHA1
4702068dc9e19668fab33c41126932c8243a46ca
-
SHA256
d3d29016dda7f8ba6015cd9b0e82c60132cba069db9cec7cd9fb43767d2dadfb
-
SHA512
2fc74d543d11824795e4e76c46f0819989d2989651896b8be56e458505bf0257ed7cd569256c47009dafab6872ef0af97456c222b172674deac87ae8616fac67
-
SSDEEP
24576:BkM9MPReYKnnWInOnT8A+gb0iWcJRkKK8wrll3EySu2LuqJ/i/t:BkFPRB+POnTv5b0fcJREV3FFyi/t
Score
8/10
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Drops file in Drivers directory
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-