General
-
Target
e967e5778bbce368c0786e990cda6417_JaffaCakes118
-
Size
1.4MB
-
Sample
240409-hq3krscc4y
-
MD5
e967e5778bbce368c0786e990cda6417
-
SHA1
92c06f11f52865d2c05a091d92907cc446b150f3
-
SHA256
1012f81b764e19da221657cbf5c400063faef8f97d82ccc1c7b1bab0921aa85b
-
SHA512
098caaec0f9482e2b13d1460d3be95322fa564ff5490fe9c06cee735502edabf95804e9d42504bf3d60557b187ce798fa883e188e0c5307a3f33a291f360d8b5
-
SSDEEP
24576:rrfP1Tok9Kc87buCPiCH3pSkT4gN38kOW8qdM7o+N4Du7Ec:Pd9KcsbDiCwM4CsBTWMpN4OEc
Static task
static1
Behavioral task
behavioral1
Sample
e967e5778bbce368c0786e990cda6417_JaffaCakes118.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
e967e5778bbce368c0786e990cda6417_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
e967e5778bbce368c0786e990cda6417_JaffaCakes118
-
Size
1.4MB
-
MD5
e967e5778bbce368c0786e990cda6417
-
SHA1
92c06f11f52865d2c05a091d92907cc446b150f3
-
SHA256
1012f81b764e19da221657cbf5c400063faef8f97d82ccc1c7b1bab0921aa85b
-
SHA512
098caaec0f9482e2b13d1460d3be95322fa564ff5490fe9c06cee735502edabf95804e9d42504bf3d60557b187ce798fa883e188e0c5307a3f33a291f360d8b5
-
SSDEEP
24576:rrfP1Tok9Kc87buCPiCH3pSkT4gN38kOW8qdM7o+N4Du7Ec:Pd9KcsbDiCwM4CsBTWMpN4OEc
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-