General
-
Target
e768ec5e24cb968f95f502c6e2a3fd0a_JaffaCakes118
-
Size
4.5MB
-
Sample
240408-n4tgxage86
-
MD5
e768ec5e24cb968f95f502c6e2a3fd0a
-
SHA1
c863d456c8ffe48dac95b1466b27ad110a0783e9
-
SHA256
ef1dcaed391183704deadbefbd7dba3aedd57edd87dcfc0482f8218e86050bf2
-
SHA512
a6b4e5684abf1086a3c3a848c4abcf64a9e697b72253452ecd3b383218ac04b9d1e638f639be272b0945ff26273acdaf865f494b971947e4fad163e7afffcbdd
-
SSDEEP
98304:QJQaLXTZx9lyUZJ0HArfMgHHIpP3VdXVQ//i6rQUKx44bacL7ZI:QJQaLnyUE8ERdXVQhroxXbZ3O
Static task
static1
Behavioral task
behavioral1
Sample
e768ec5e24cb968f95f502c6e2a3fd0a_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
e768ec5e24cb968f95f502c6e2a3fd0a_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
e768ec5e24cb968f95f502c6e2a3fd0a_JaffaCakes118
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-