General
Target: 7a01cfa6154cba34ff833b797d152065_JaffaCakes118
Size: 173KB
Sample: 240401-zja1lsfd95
MD5: 7a01cfa6154cba34ff833b797d152065
SHA1: 10f184ac8d4832b82e20767d67b2c8e00802d271
SHA256: 755fb0df132dcc7daa780417e16140d05763ff20d133de81cf087512e3c07416
SHA512: 3aa80f178974a388b441064632c0a8f7bc4125fffa048ade701fa7ba0c3712a88432e7eaac8bbe6e699e0c1495a63e3ce1c2a136b56f884828f2ba26ab8e484b
SSDEEP: 3072:SIdkX5jRRiimnn3PETXDdKVBBkGN48eEkY7zEt793e87icY:jLb38TXBcBRNf4Zte83
Behavioral task: behavioral1
Sample: 7a01cfa6154cba34ff833b797d152065_JaffaCakes118.exe
Resource: win7-20240220-en
Malware Config
Targets
-
-
Target
7a01cfa6154cba34ff833b797d152065_JaffaCakes118
-
Async RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-