General
-
Target
ba0d4deadcfd294a7bf48512ed6a5a8e_JaffaCakes118
-
Size
15.9MB
-
Sample
240404-q6m41she7s
-
MD5
ba0d4deadcfd294a7bf48512ed6a5a8e
-
SHA1
287a37a2068fc12151f86a402424c9a5429e8d45
-
SHA256
dd0ab620c53031b2764c8122bebe6bb1dd4291072ab24ffb3b0526e05b817914
-
SHA512
b405a0816f925dff07a873ac5a94ac0d2d6b605ef16f0640e095ff433894966f2ca84a7ac1250629735cc6e1ec410422c8709c386c33d01d205410ccc835c23f
-
SSDEEP
393216:jg7uZg7uZg7uZg7uZg7uZg7uZg7uZg7uN:ES6S6S6S6S6S6S6SN
Static task
static1
Behavioral task
behavioral1
Sample
ba0d4deadcfd294a7bf48512ed6a5a8e_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ba0d4deadcfd294a7bf48512ed6a5a8e_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
ba0d4deadcfd294a7bf48512ed6a5a8e_JaffaCakes118
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-