General
-
Target
b8ce562e57a188912561833ce84e94a8_JaffaCakes118
-
Size
15.9MB
-
Sample
240404-p33jvsgh38
-
MD5
b8ce562e57a188912561833ce84e94a8
-
SHA1
b927349971d577f6a2264cf7cf40d25ae5977f88
-
SHA256
b70b93f120a8af84a8c883d3eb0ca7cfe5016a1e496ae9a884eef8d263e88cd4
-
SHA512
4886973dbbae9aad0b923ceb6a37b3a46885fe0721264de306a5ccb1238ec13e74309db50cf97bc2d549b5838b521fcfd894d21aea0e873c2e4901097c1aa821
-
SSDEEP
393216:fg7u1g7u1g7u1g7u1g7u1g7u1g7u1g7uN:IS+S+S+S+S+S+S+SN
Static task
static1
Behavioral task
behavioral1
Sample
b8ce562e57a188912561833ce84e94a8_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b8ce562e57a188912561833ce84e94a8_JaffaCakes118.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-