General
-
Target
f8bc15e2615d9e8785b01a43238a0d49_JaffaCakes118
-
Size
57KB
-
Sample
240418-zs8m8sfh9w
-
MD5
f8bc15e2615d9e8785b01a43238a0d49
-
SHA1
bdb1ee853c42ce148615260da62e9e9a98d3b032
-
SHA256
cb8e12b2397aedf0cfcb13b4ecd67bfd5c90b6255d95e2ec0b09eb13ab4e442d
-
SHA512
005d3337b3fa43296eca49ea026273e2ccb98c5370b5d245573e157d2803c1e69683424c7a28725a1a663857c237811d806b8a621c64e51da13a34c9b98cf6a3
-
SSDEEP
384:RqDpIP+1N7OYRt5lvpW3ZW9lbQn86NQsImrIX/Gvj/8RXSp3giIaidm0w0gZyuEf:0D9xXxaZ0Qn86IdJRXTiIaqhXsyvR58c
Static task
static1
Behavioral task
behavioral1
Sample
f8bc15e2615d9e8785b01a43238a0d49_JaffaCakes118.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
f8bc15e2615d9e8785b01a43238a0d49_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Target
f8bc15e2615d9e8785b01a43238a0d49_JaffaCakes118
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-