General
-
Target
fc3c2e5b1df6fc003987363171bb4798_JaffaCakes118
-
Size
637KB
-
Sample
240420-h8zltscb71
-
MD5
fc3c2e5b1df6fc003987363171bb4798
-
SHA1
7aeb894742bbe79ff4bbb29f038db7878b4a3327
-
SHA256
d05dc070814c52b512ff4aa1fd83caaf1ddf229bd09afee773c8305531185491
-
SHA512
c4946a69f24de2b88d20e8e39a29b44bb183d40a9c1780df36a2796f1c41717350867e46ad0dffdb14f2c8ed270b7c9bcd519f68a49c158369fbd7617193f3ca
-
SSDEEP
12288:ocv0NTBL22JUyhO42c95ZSzb0MLcqNUOq6MeC+Hxl0zLBW6zZCFpSZr6ptMRp:ocvkTBICJSNLbLHxlqLdsMZitMRp
Static task
static1
Behavioral task
behavioral1
Sample
fc3c2e5b1df6fc003987363171bb4798_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fc3c2e5b1df6fc003987363171bb4798_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
fc3c2e5b1df6fc003987363171bb4798_JaffaCakes118
Score
8/10
-
Modifies Installed Components in the registry
-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-