General
-
Target
bf459804b7f1771fb3ca27685fb6b5ea_JaffaCakes118
-
Size
17KB
-
Sample
240404-wtfgased9t
-
MD5
bf459804b7f1771fb3ca27685fb6b5ea
-
SHA1
076f5713da66ad5f0850a839ca488a6e3bfaff5f
-
SHA256
99269a57910f8bc283c7f777ce44aa1eb0e2a71e8d50af80edb41fbb984a0176
-
SHA512
4d30788211ff67190154a1f191f480378db9436399adef690d2e5334dc1d2113b8eb92eb157e8835ca975fecb74ad989af6d70629ed76d0715db78c45b6fb9fc
-
SSDEEP
384:GFQqx9dZcmZO2Zp+Nye8pqrmub8TyztsDN:GO6dZoKK8o8TyJc
Static task
static1
Behavioral task
behavioral1
Sample
bf459804b7f1771fb3ca27685fb6b5ea_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
bf459804b7f1771fb3ca27685fb6b5ea_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
bf459804b7f1771fb3ca27685fb6b5ea_JaffaCakes118
-
Score
8/10
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-