General
-
Target
fcae8c3823eecebb9b8e0f9f2b9eeb89_JaffaCakes118
-
Size
801KB
-
Sample
240420-nqj2bagb9x
-
MD5
fcae8c3823eecebb9b8e0f9f2b9eeb89
-
SHA1
53c49e7458363a22180916f30e6d945081b20d83
-
SHA256
84609f9e443225a23cca8ab6be910c207d220bb430fd543d0724eaae8f7df592
-
SHA512
e92b5187e95a78c7a13f77e36aa9b0c2c144a6404ac6071902fa9e91304f9fb4a2e0c5c56b6accacde432d0626e1f8be00eeb4befa76936c8fbf5eb81c84b480
-
SSDEEP
24576:ANA3R5drXPrfHh2bQA53HU+tV9iKOcuiLbGD:55j2Z1z9b0
Static task
static1
Behavioral task
behavioral1
Sample
fcae8c3823eecebb9b8e0f9f2b9eeb89_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
njrat
20
gold
149.248.52.61:87
165d6ed988ac
-
reg_key
165d6ed988ac
-
splitter
|'|'|
Targets
-
-
Target
fcae8c3823eecebb9b8e0f9f2b9eeb89_JaffaCakes118
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-