General
-
Target
f089e121bd206ec93e6583651d2e559c_JaffaCakes118
-
Size
13KB
-
Sample
240415-hvt47ahc25
-
MD5
f089e121bd206ec93e6583651d2e559c
-
SHA1
34ec27c373f3a3663cf68fc17752054dcd480689
-
SHA256
ca4ac1db528fea101b2ae61719719bf806aca32ae06bd47082492735c3f76651
-
SHA512
bc0dad6565c4a7794f38c369b016a0c15103bbc2b621a9964cae6f70224ec7e578106dd2ec05006c2675877e51019d22bc57c242062620e80cfda06a00cd2272
-
SSDEEP
384:AsbE3A35s7+/t3Mw/5Rl+GBx2UrGKKHu8e3iY:As54+/t3Mw/5RldDrquQY
Static task
static1
Behavioral task
behavioral1
Sample
f089e121bd206ec93e6583651d2e559c_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f089e121bd206ec93e6583651d2e559c_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
f089e121bd206ec93e6583651d2e559c_JaffaCakes118
-
Score
8/10
-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-