General
Target: f06a37081157af03b1f89ebd3c7bef91_JaffaCakes118
Size: 23KB
Sample: 240415-f35vjsff74
MD5: f06a37081157af03b1f89ebd3c7bef91
SHA1: 8eb9e96d13b3a5395144c5fed2a7c90efd9dd23c
SHA256: def88cd2ce3ab3e358aa9f6cb73e5eef7de3c753c2b1b3bac6269ec19fbf288c
SHA512: 45d65d832a7b9a4fd3ff9786f098f63f89e7e4120e3eee234ef39e3e41334a1788737650b5446839678fb3e6f6ba08fe44b7e34d6b0bec6d6c177f3983f0ac6a
SSDEEP: 384:BZE930gZIYzMBGw69rAiXZnRS3VqzUJ3/K20XlAVnzyhO2A2mPWz:BiSgZh7FAihRSoYJ50X82hO2AHP
Behavioral task: behavioral1
Sample: f06a37081157af03b1f89ebd3c7bef91_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: f06a37081157af03b1f89ebd3c7bef91_JaffaCakes118.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: f06a37081157af03b1f89ebd3c7bef91_JaffaCakes118
Score: 8/10
Adds policy Run key to start application
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.