General
-
Target
f89cc62e7ed740039b6adc9994c0ae29_JaffaCakes118
-
Size
426KB
-
Sample
240418-x8nlwsea7t
-
MD5
f89cc62e7ed740039b6adc9994c0ae29
-
SHA1
8bf78e0a39051c55d8d54abadfee8db618265c21
-
SHA256
69e30a72711cd7ee9fd01c84aebb84067d9c7b6f4ca7ed39ab42c5932b8e5050
-
SHA512
46e6401b0bd0403aa0ccd5ae3e6904cfeeb39576f3919dd2e36262d57a34b94e7a093ff5ff9653cd2cf3513f7d74a9ccf5ed4f380e4f47a523eecaa71bed460e
-
SSDEEP
6144:kvk3Q5ibjnNuuXckaL7pbRBkce97awj7L7orT/x:kvMQ5ibjnwka3pbRC19Gwj7orT/x
Behavioral task
behavioral1
Sample
f89cc62e7ed740039b6adc9994c0ae29_JaffaCakes118.exe
Resource
win7-20240220-en
Malware Config
Targets
-
-
Target
f89cc62e7ed740039b6adc9994c0ae29_JaffaCakes118
-
Detect Blackmoon payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-