General
Target: 79f6f39301a153911c45acfae6e971ec_JaffaCakes118
Size: 178KB
Sample: 240401-zg4j5sfd69
MD5: 79f6f39301a153911c45acfae6e971ec
SHA1: 2939659173eddbea86ba0e0ecaac1576c75120e1
SHA256: f58169a2d747183e73eb586d60b018f189509fac6a3347b1898d6b398419e983
SHA512: a7044ffd483544197e3a4d799f7c573c7af7600f621883e1e3e934461aa0b1cff4c9846796eec101a62f93388878e19e2a1fa72c9b06aedbc3430a19f4ccaf9a
SSDEEP: 3072:BASa55PFf/M3UdhnYPOLCadzM73cYsMz1/jYCPkyAtwo7+hGcI1cY:iSaXl94OdzfMzJjYCPkrwc4GcIO
Behavioral task: behavioral1
Sample: 79f6f39301a153911c45acfae6e971ec_JaffaCakes118.exe
Resource: win7-20240220-en
Malware Config
Targets
Async RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-