General
Target: b88f953d73d7f62791ef26e166996855_JaffaCakes118
Size: 15.9MB
Sample: 240404-pveg3agd29
MD5: b88f953d73d7f62791ef26e166996855
SHA1: e11340fd6b807474b735811583638079abc939ab
SHA256: d4d33e49b3a09b18a9ca25a5c4c4bc1837690f2bceb29ae09dbb00b85ae6f3a6
SHA512: e525ceec8700828e5c6d045de77353cabf6dbae2ccf98065657740036243f1621b036bc56b4d33050146b55c4f040b7aeead7e8692186061b30398d873175b7e
SSDEEP: 393216:2g7uAg7uAg7uAg7uAg7uAg7uAg7uAg7uN:bStStStStStStStSN
Static task: static1
Behavioral task: behavioral1
Sample: b88f953d73d7f62791ef26e166996855_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: b88f953d73d7f62791ef26e166996855_JaffaCakes118.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: b88f953d73d7f62791ef26e166996855_JaffaCakes118
Score: 7/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext