General
-
Target
be3ac09e1e59bd6c4d95aedd312d24fe_JaffaCakes118
-
Size
7.9MB
-
Sample
240404-vwzghsea85
-
MD5
be3ac09e1e59bd6c4d95aedd312d24fe
-
SHA1
fa294475786914fec9fd74fca916ebc3053d535a
-
SHA256
2e4015c5e5cff7be53f4b615cb0ac53813e2e79e26581bca288d63bc4354cf77
-
SHA512
98eee9c2c99bb887fbb8f3e72bcce2f24cacd7d806c0ab9f9790a13b6570a704c0bdc8704aa785c98dbd99083230dbe27059d1295c02265e97ce045ea6b36d77
-
SSDEEP
196608:05azg7DS85azg7DS85azg7DS85azg7DSv:Ng7u1g7u1g7u1g7uv
Static task
static1
Behavioral task
behavioral1
Sample
be3ac09e1e59bd6c4d95aedd312d24fe_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
be3ac09e1e59bd6c4d95aedd312d24fe_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
be3ac09e1e59bd6c4d95aedd312d24fe_JaffaCakes118
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-