General
-
Target
befd7da007fcb4b2773f8cc8b712d586_JaffaCakes118
-
Size
7.9MB
-
Sample
240404-wkgm1aeb71
-
MD5
befd7da007fcb4b2773f8cc8b712d586
-
SHA1
66f7751d71ab1f03f0e83847d4df3d1d8b3465ac
-
SHA256
bb09c6570dd05785d46d0dd2ec235f6f879635da0ad21f01410bb90532b0f2d9
-
SHA512
25de7e8cfbfd7555b19e07410696e9ee9a7384a914624802e9b10b432f949c71c4f9a872e50ae28e3aae7a4360e9c0cc12a7748419ed99675a90bb01e4e0a197
-
SSDEEP
196608:0xazg7DS8xazg7DS8xazg7DS8xazg7DSv:pg7uRg7uRg7uRg7uv
Static task
static1
Behavioral task
behavioral1
Sample
befd7da007fcb4b2773f8cc8b712d586_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
befd7da007fcb4b2773f8cc8b712d586_JaffaCakes118.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
befd7da007fcb4b2773f8cc8b712d586_JaffaCakes118
-
Size
7.9MB
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-