General
-
Target
9f1f16de6755f29a852e3b955a9bc867_JaffaCakes118
-
Size
5.9MB
-
Sample
241126-b5hetaxmdx
-
MD5
9f1f16de6755f29a852e3b955a9bc867
-
SHA1
5e5bf75f40b1777176ce36b0ce0ef6014eb6c8ef
-
SHA256
d563a31a5bea70ba4ac0cb6e52061d1ec18aa0dc30d1c1f3ce16b4377ce8ddc6
-
SHA512
933373b80525b3cdfc6fc8edaafdb7db9986812ebf44dd40c7d32ab6d8c8ed074df3e97fd933e7018e0e44a88f983705343825cc9a6c2a5ddae8cf04f1e89718
-
SSDEEP
98304:1bYLG01chcME9qGigwR8hcfMksQbzAfVrYe5vDCzd38moANZ1lv33:1OtoGhcEkszd5GJ33
Static task
static1
Behavioral task
behavioral1
Sample
9f1f16de6755f29a852e3b955a9bc867_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
9f1f16de6755f29a852e3b955a9bc867_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
9f1f16de6755f29a852e3b955a9bc867_JaffaCakes118
-
Score
8/10
-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Impair Defenses: Safe Mode Boot
-
Loads dropped DLL
-
Adds Run key to start application
-