General
-
Target
e75d27a4dec7334e548a776a58137877_JaffaCakes118
-
Size
318KB
-
Sample
240408-nnzzraga93
-
MD5
e75d27a4dec7334e548a776a58137877
-
SHA1
85e46d71cd015e4714459d2fe73f6c9a066199f5
-
SHA256
5e9b31834d9951e950f884bea2a45bafb99c1761fbb8b7be4301467f55795d1a
-
SHA512
28669e18a2ea427fa90f11ec4ed5f024bd3a28a4602bfe091fc6155e3b2f170f9f7f245a0912aa6cca627c6bc9802d4b39a75043c57d6d5e4c4ac3896710755f
-
SSDEEP
6144:TKjZaimwIqlazWEIBk4ZAs3CaYo/TRg4w6kT1kYftg5d672:dZqIzW35RFn9g311kYfi6K
Static task
static1
Behavioral task
behavioral1
Sample
e75d27a4dec7334e548a776a58137877_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
latentbot
75as4d53a1sd.zapto.org
Targets
-
-
Target
e75d27a4dec7334e548a776a58137877_JaffaCakes118
-
Size
318KB
-
MD5
e75d27a4dec7334e548a776a58137877
-
SHA1
85e46d71cd015e4714459d2fe73f6c9a066199f5
-
SHA256
5e9b31834d9951e950f884bea2a45bafb99c1761fbb8b7be4301467f55795d1a
-
SHA512
28669e18a2ea427fa90f11ec4ed5f024bd3a28a4602bfe091fc6155e3b2f170f9f7f245a0912aa6cca627c6bc9802d4b39a75043c57d6d5e4c4ac3896710755f
-
SSDEEP
6144:TKjZaimwIqlazWEIBk4ZAs3CaYo/TRg4w6kT1kYftg5d672:dZqIzW35RFn9g311kYfi6K
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-