General
-
Target
ec2bd119fcee7ea76f59daf6ce0ee736_JaffaCakes118
-
Size
4.0MB
-
Sample
240410-2x23csdf44
-
MD5
ec2bd119fcee7ea76f59daf6ce0ee736
-
SHA1
f5a9a955b62e3e5c7bbf7446c57bb5e7edadfba8
-
SHA256
3e65f49adee42b958ebcd10a30bd1ade1f3a213cb3d1616dec6a8acc0c2836a5
-
SHA512
7f7ed97555c85fd99ec5f4e8e27306f351d5d36931d690ed9781c47a1da3916f22895b895da5c21034112f81b8e76b35dda1bdc9a15ebb96c6fde817de6d0b75
-
SSDEEP
98304:uviz/27qWGq/TzuqCDl2Ptao7jiczWP/X5s85m5Nl:uviq75/TzuflVZTGNl
Static task
static1
Behavioral task
behavioral1
Sample
ec2bd119fcee7ea76f59daf6ce0ee736_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
ec2bd119fcee7ea76f59daf6ce0ee736_JaffaCakes118
-
Score
10/10
-
Orcus main payload
-
Orcurs Rat Executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-