General
-
Target
e757ec9e092cc7f3b64ba733720b5e2b_JaffaCakes118
-
Size
484KB
-
Sample
240408-ngltjsbc4s
-
MD5
e757ec9e092cc7f3b64ba733720b5e2b
-
SHA1
0a3f39f8c6d6ca35c1f28576f92e16420a012952
-
SHA256
e372acbb28c8cc5c9ca112a1043d27d0feffda9b3828b6a59b3d736f277c9392
-
SHA512
75914a2b33f7633322fe45dc89263a4760c368991a9a52df8c3f25dc6dc2ad4781cf515add7a40570a7720de4155f78b98407302f357d51548a68c9a85430c33
-
SSDEEP
12288:bP9GBWQch+L/ZgHP+v7xK0DmFwUfIp7JVyvWt1aBnSFAPHzeO:bPoBHch+uudKNffiv1aVSaPTeO
Static task
static1
Behavioral task
behavioral1
Sample
e757ec9e092cc7f3b64ba733720b5e2b_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e757ec9e092cc7f3b64ba733720b5e2b_JaffaCakes118.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Target
e757ec9e092cc7f3b64ba733720b5e2b_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-