General
Target: f8ca118a44bbab7b72c40b6656ed17ac_JaffaCakes118
Size: 80KB
Sample: 240418-1c4j1sge4z
MD5: f8ca118a44bbab7b72c40b6656ed17ac
SHA1: cfafc6d363ca2549379766f910c0a2c6d96575ea
SHA256: b0e797073009515bd52c61f66581fd8e7d1ca97fb48ece5a1360a6473a555bdd
SHA512: 1222f6e8d8d9bb19d225c457d4c3f5398e60b2520385d55e99d189b2141c9494b64cf3456a90a14cb03d82684e58eb9c8a03cb902063fc31258e3463da10f07b
SSDEEP: 1536:+VtjAKqURk0Ex/tIWLSYGc5cmFF+TTdGka2dQe5GrpXLat:CN1qURFY/RLSO5cmFY9GMdKGt
Behavioral task: behavioral1
Sample: f8ca118a44bbab7b72c40b6656ed17ac_JaffaCakes118.exe
Resource: win7-20240319-en
Malware Config
Targets
-
-
Target
f8ca118a44bbab7b72c40b6656ed17ac_JaffaCakes118
-
Detect Blackmoon payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-