General
Target: JaffaCakes118_1cf25999202dc9426ae5f2e7f77e67dfac062bb1a8a99dd9959b6451f3f499a0
Size: 83.9MB
Sample: 241223-1bdbfasjgl
MD5: 4af39f5f5f586b73c91dae10eb527949
SHA1: 0bd19b2327a1365753f555703eb1f20b2ab797f3
SHA256: 1cf25999202dc9426ae5f2e7f77e67dfac062bb1a8a99dd9959b6451f3f499a0
SHA512: 12ad79eb3b1be3f6e3dfa9a65f4bbba3d2ecf12f46cb360ba1a90e9188571ddc6ae68e25719c5e9b4194e77bdd038dd1cd7ec25187ffc7834c54bf69aa7c22bf
SSDEEP: 1572864:yi9S2rG8Xzsjq9+Jt2/JYul9eO+B7bgIykbQJd8Lmseadm14Bqt:yic2Ub2/JYW9eO+B7b5ykbSd8Lmseay5
Static task: static1
Behavioral task: behavioral1
Sample: PlexDlnaServer.exe
Resource: win7-20240708-en
Malware Config
Targets
Target: PlexDlnaServer.exe
Size: 122.5MB
MD5: c893af41e33ca5da0a8acf8ac623c2ae
SHA1: 65412f1aa3839e41a00adc2ebc7162880c258be7
SHA256: 42ccd61f1357d37d8c439082e195eed6eb0d3a6b060852ce57161b469919f778
SHA512: 20474b4ab6e85a7b33d544a5f8cdb5d6b03b86ee67b07a54a17ee6358d51abdcd0711a78999fceb83f971590707c62941f0d2c5d18abc1c091694ea29ceb517f
SSDEEP: 3145728:zvTXJ9SA7SJ4rS5rCf5PSiDLJHYbxYUBQDLfy/LEXwzce:zTJsrc56YLJHYVlBQHKN4
Babadeda Crypter
Babadeda family
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Blocklisted process makes network request
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.