General
-
Target
f4110dcc2ebe1146704a3389b22a25a5_JaffaCakes118
-
Size
64KB
-
Sample
240416-w4chdshc93
-
MD5
f4110dcc2ebe1146704a3389b22a25a5
-
SHA1
3ba79f6137c770bfb42a18a62cc8c34bbd7a30b1
-
SHA256
c79fc7d6b043f13fbadd088920051e59ea32ed1cce318e22bfb911838e288f26
-
SHA512
2c96edfb98106a9f2fc37d2b34637210bf53193e34ae3396dd446a04d752eac0611d3ba7db4b8d3a6c30e60dca73b2c1805556581d67462ae6183567cb29b4cc
-
SSDEEP
768:LVh3DVlvqMb9EGDtpkEu2/8c+wmmdwz0Ce0/FfRpI+ls3s3aeSLbV:zDVlvqMqwtQ2/8igZl9ppkc3aeSLx
Static task
static1
Behavioral task
behavioral1
Sample
f4110dcc2ebe1146704a3389b22a25a5_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f4110dcc2ebe1146704a3389b22a25a5_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Target
f4110dcc2ebe1146704a3389b22a25a5_JaffaCakes118
-
Score
7/10
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-