General
-
Target
f6deaf165da7a337c68048a046178c57_JaffaCakes118
-
Size
318KB
-
Sample
240418-aepkrsba22
-
MD5
f6deaf165da7a337c68048a046178c57
-
SHA1
ff6ce2d1eb1d81a392e0b6acf02017fbbf526181
-
SHA256
d19c4864f78997a15056dd3dd3e53e144c412d1add11866ed2b36c6e933797a5
-
SHA512
ba8f18fc2806e3325e09dd7aef269da6eacf6ce6a884b87b4e354b311106a0f24bbc147ba987087bdfa861d395b9412c5464efbd7a570d51a4d0d75a83dc5562
-
SSDEEP
6144:gTu5OUFQPwNcv0kPmAGsyRILcAHRsNW+oKE0QJDBx0KEVaLOrd8ZH22aY:iuzmOCzGyiNW+oz06Bx0fByH2BY
Static task
static1
Behavioral task
behavioral1
Sample
f6deaf165da7a337c68048a046178c57_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
f6deaf165da7a337c68048a046178c57_JaffaCakes118
-
Size
318KB
-
MD5
f6deaf165da7a337c68048a046178c57
-
SHA1
ff6ce2d1eb1d81a392e0b6acf02017fbbf526181
-
SHA256
d19c4864f78997a15056dd3dd3e53e144c412d1add11866ed2b36c6e933797a5
-
SHA512
ba8f18fc2806e3325e09dd7aef269da6eacf6ce6a884b87b4e354b311106a0f24bbc147ba987087bdfa861d395b9412c5464efbd7a570d51a4d0d75a83dc5562
-
SSDEEP
6144:gTu5OUFQPwNcv0kPmAGsyRILcAHRsNW+oKE0QJDBx0KEVaLOrd8ZH22aY:iuzmOCzGyiNW+oz06Bx0fByH2BY
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-