General
-
Target
efae2dc9c812edcd76426579e516c7d3_JaffaCakes118
-
Size
3.8MB
-
Sample
240414-2l67yafg53
-
MD5
efae2dc9c812edcd76426579e516c7d3
-
SHA1
df8acdef44d958bcec5fb64757a554cfa5bc5f14
-
SHA256
03e15b7644a4692524bd1e5e41cb22921a5bec52191d390160b0d6de61940cdd
-
SHA512
07bb99811d17b84ab5a11903f8623d8d84eb6e2063210630fcaa7d6fc3006317572846167e10c36f75b22ced12ac99f33f0911f87eff48fc4e7f5f2fbaf8f5ac
-
SSDEEP
98304:vJwakG4fYrq1HJvpliCQHawbzBbGSlaUEI96kdQDanpqHrO3ndI3/lL/v7zVwwX/:vJwakG4fYrq1HJvpliCQHawbzBbGSlah
Behavioral task
behavioral1
Sample
efae2dc9c812edcd76426579e516c7d3_JaffaCakes118.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
efae2dc9c812edcd76426579e516c7d3_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
efae2dc9c812edcd76426579e516c7d3_JaffaCakes118
-
Size
3.8MB
-
MD5
efae2dc9c812edcd76426579e516c7d3
-
SHA1
df8acdef44d958bcec5fb64757a554cfa5bc5f14
-
SHA256
03e15b7644a4692524bd1e5e41cb22921a5bec52191d390160b0d6de61940cdd
-
SHA512
07bb99811d17b84ab5a11903f8623d8d84eb6e2063210630fcaa7d6fc3006317572846167e10c36f75b22ced12ac99f33f0911f87eff48fc4e7f5f2fbaf8f5ac
-
SSDEEP
98304:vJwakG4fYrq1HJvpliCQHawbzBbGSlaUEI96kdQDanpqHrO3ndI3/lL/v7zVwwX/:vJwakG4fYrq1HJvpliCQHawbzBbGSlah
Score10/10-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-