General
-
Target
1c0a7f25e19c3960d6c4232ca30cc001_JaffaCakes118
-
Size
668KB
-
Sample
240329-h6r4zacc4x
-
MD5
1c0a7f25e19c3960d6c4232ca30cc001
-
SHA1
4edac8c3ea34f5c3a30b322fcc69b09d5070c1bf
-
SHA256
34771014ef13f70caa589a056e330cff3b1617443a9224ec3d5402ef0d88bb48
-
SHA512
fae64d8858029991bc95d3bb6195d2f694e4c4c59c2c6cbcc25149deaa54a5cc1ce19e1db1bf4abe29c6a43940c5d6c02e6f499098a6ef791182185432d4938c
-
SSDEEP
12288:60vu6BkozKslNh7Uw0tiIZE9jojSC1U2NhZdP6N0f98LWrIzH:60vu3sHhA4IZYjojJNhZdP9GWrIz
Behavioral task
behavioral1
Sample
1c0a7f25e19c3960d6c4232ca30cc001_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1c0a7f25e19c3960d6c4232ca30cc001_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
1c0a7f25e19c3960d6c4232ca30cc001_JaffaCakes118
-
Score
10/10
-
RevengeRat Executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application