General
-
Target
f8170ab44e4c08d2088104a02aae5f40_JaffaCakes118
-
Size
939KB
-
Sample
240418-qppxaaed89
-
MD5
f8170ab44e4c08d2088104a02aae5f40
-
SHA1
e03ecbc4d42e94818ef900ba50e1ffaa25c59281
-
SHA256
099d824705f8ae8fc4a018a21a7c893de9385841dcb6c9629e2565c718368c05
-
SHA512
fedf7b92f800ed3e990d93e13db6104a1a99cb9d91bfbe8c1683764c1b11ce63b05d54260a4936da991d09b439559a05dd5b73720a3648401539d08abbb38b48
-
SSDEEP
12288:WjVLFvth+w7GodQpbelTQ2JK7Q0+AnCG53rfFBe1QZoU8:Wjvv/Nv+kTQ2XNYCG5TFBeOuU8
Static task
static1
Behavioral task
behavioral1
Sample
f8170ab44e4c08d2088104a02aae5f40_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
f8170ab44e4c08d2088104a02aae5f40_JaffaCakes118
-
Size
939KB
-
MD5
f8170ab44e4c08d2088104a02aae5f40
-
SHA1
e03ecbc4d42e94818ef900ba50e1ffaa25c59281
-
SHA256
099d824705f8ae8fc4a018a21a7c893de9385841dcb6c9629e2565c718368c05
-
SHA512
fedf7b92f800ed3e990d93e13db6104a1a99cb9d91bfbe8c1683764c1b11ce63b05d54260a4936da991d09b439559a05dd5b73720a3648401539d08abbb38b48
-
SSDEEP
12288:WjVLFvth+w7GodQpbelTQ2JK7Q0+AnCG53rfFBe1QZoU8:Wjvv/Nv+kTQ2XNYCG5TFBeOuU8
Score10/10-
Detect ZGRat V1
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-