General
Target: f248b1a07db8b97cf265448f8008e45c_JaffaCakes118
Size: 906KB
Sample: 240416-axxdbsed91
MD5: f248b1a07db8b97cf265448f8008e45c
SHA1: 4d6007ef083b5c8486d3d5e211ee81d50422ef5b
SHA256: 35fd246518e98c54b1bed22cfde6d5450d8f9a24da7502dfcf351c8ce631c3a8
SHA512: edd36d0c70adfd6a27869b5756b5bf3f92cdc72586fa85460ce0d16b9633717fc5003d5013ecb111d9f3123564bb8da3807543a8fc761f1fbd061fad06d13595
SSDEEP: 24576:dWwOBXr6u0jmugB4L0ZEpjl5RH4axsLN2K434:dWwOVrojZwZM5RH4axWN2K434
Static task: static1
Behavioral task: behavioral1
Sample: f248b1a07db8b97cf265448f8008e45c_JaffaCakes118.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: f248b1a07db8b97cf265448f8008e45c_JaffaCakes118.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: f248b1a07db8b97cf265448f8008e45c_JaffaCakes118
Score: 7/10
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Drops file in System32 directory