General
-
Target
26c6a2c8653bb40eb8d8ad64f5e009e4_JaffaCakes118
-
Size
252KB
-
Sample
240705-jt6bhavdml
-
MD5
26c6a2c8653bb40eb8d8ad64f5e009e4
-
SHA1
a3bf88f3b6b8a4230e955488512be9a24bc1f615
-
SHA256
3fe9c6c66f4b6f9fe6ef13c2e5ab2b281bf848c7b20c74163c2a2f1d9f4d13cb
-
SHA512
8a429fcc80fae1a4c4ba9f32564227d6b775e0dacba5ed661fc6fe9f5373d52187d6b41beef16dc62632605376f63eb8a4fd53b47b853370b09403dbf7fe05ee
-
SSDEEP
6144:u+U4x8pQOx12S6fkLbpnkd+EUMxk4bCroS8KLH7aml1zH1ga0ZFsI5Qc+:u+U4x8pQOx12PkrfoS8KT7aml1+d5Qc+
Malware Config
Targets
-
-
Target
26c6a2c8653bb40eb8d8ad64f5e009e4_JaffaCakes118
-
Size
252KB
-
MD5
26c6a2c8653bb40eb8d8ad64f5e009e4
-
SHA1
a3bf88f3b6b8a4230e955488512be9a24bc1f615
-
SHA256
3fe9c6c66f4b6f9fe6ef13c2e5ab2b281bf848c7b20c74163c2a2f1d9f4d13cb
-
SHA512
8a429fcc80fae1a4c4ba9f32564227d6b775e0dacba5ed661fc6fe9f5373d52187d6b41beef16dc62632605376f63eb8a4fd53b47b853370b09403dbf7fe05ee
-
SSDEEP
6144:u+U4x8pQOx12S6fkLbpnkd+EUMxk4bCroS8KLH7aml1zH1ga0ZFsI5Qc+:u+U4x8pQOx12PkrfoS8KT7aml1+d5Qc+
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-