General
-
Target
fc2a2ec55fcf35fa757b53754dff3b55_JaffaCakes118
-
Size
158KB
-
Sample
240420-hh51xsah64
-
MD5
fc2a2ec55fcf35fa757b53754dff3b55
-
SHA1
d8a26c24c85a04245b26e9adf0be66a2aea7612c
-
SHA256
3c77fd7da3d682f1f9126bee00697ba71a709983690892e6cf3eac2390ef0727
-
SHA512
498fdfa69b1addf534ae998b4fc6e4a84c42fade79bd39728065ef0ca2fb5f5167f7e27f2edc2a1d79b545ab7b4c6cb25324ad5af887ead6d75fd1e7a224b122
-
SSDEEP
3072:Kq2LfYQZOakOWO+odp/vU0/gO1en68KPc1lLRrB33BjpnG9Baw6oflRX:Kq9QZWVoP80/L0n68KPc1lLr3Bjpnq8q
Static task
static1
Behavioral task
behavioral1
Sample
fc2a2ec55fcf35fa757b53754dff3b55_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
fc2a2ec55fcf35fa757b53754dff3b55_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
fc2a2ec55fcf35fa757b53754dff3b55_JaffaCakes118
Score
10/10
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1