General
Target: ba423310ec7ba8c45138484c9f1ef211_JaffaCakes118
Size: 7.9MB
Sample: 240404-rdg8qshg6v
MD5: ba423310ec7ba8c45138484c9f1ef211
SHA1: 6bdf4e53278bdad48e547fc1947aab83d939d771
SHA256: 6ea2215857dc9761b4e82286b79cd2f286a12067f9745dcbc0b9b4c827fe65f3
SHA512: e0960935f361434a8c7da3574211d87b4d9c50b626729c29f0afc77ff99211d86edfc7cc818ed21bb2227eb481ae14ac650a3425b136ea6695fe0564901dd795
SSDEEP: 196608:8+azg7DSm+azg7DSm+azg7DSm+azg7DSN:cg7u2g7u2g7u2g7uN
Static task: static1
Behavioral task: behavioral1
Sample: ba423310ec7ba8c45138484c9f1ef211_JaffaCakes118.exe
Resource: win7-20240319-en
Behavioral task: behavioral2
Sample: ba423310ec7ba8c45138484c9f1ef211_JaffaCakes118.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: ba423310ec7ba8c45138484c9f1ef211_JaffaCakes118
Score: 7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext