General
-
Target
fcc84b2913606db9ed575affe65591ae_JaffaCakes118
-
Size
322KB
-
Sample
240420-pssxnshe5w
-
MD5
fcc84b2913606db9ed575affe65591ae
-
SHA1
a6b6c3e28d245df70c307c354eab877e5fb8efd2
-
SHA256
34ee9da62967a53c3bf97f9301aa9353a3b42e5bd40c3122b929e50e08d146c5
-
SHA512
5e6f9b0040acea1dce8463bd30eb7905de215fd378d112a4d50dd80303539c38e1f516b7512297c215ae77050445785f994a96b7c8ea94a075ea340229b7e0c7
-
SSDEEP
6144:MtU6T/wE1MFGonDrJU2kY1b94hsmjVTPdgBGE7YpqTFIVo+AxU36WDbl3:aU+/wEKAonDrFyhtTR+YQTL+Axg
Behavioral task
behavioral1
Sample
fcc84b2913606db9ed575affe65591ae_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
fcc84b2913606db9ed575affe65591ae_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
fcc84b2913606db9ed575affe65591ae_JaffaCakes118
-
Size
322KB
-
MD5
fcc84b2913606db9ed575affe65591ae
-
SHA1
a6b6c3e28d245df70c307c354eab877e5fb8efd2
-
SHA256
34ee9da62967a53c3bf97f9301aa9353a3b42e5bd40c3122b929e50e08d146c5
-
SHA512
5e6f9b0040acea1dce8463bd30eb7905de215fd378d112a4d50dd80303539c38e1f516b7512297c215ae77050445785f994a96b7c8ea94a075ea340229b7e0c7
-
SSDEEP
6144:MtU6T/wE1MFGonDrJU2kY1b94hsmjVTPdgBGE7YpqTFIVo+AxU36WDbl3:aU+/wEKAonDrFyhtTR+YQTL+Axg
Score10/10-
AmmyyAdmin payload
-
FlawedAmmyy RAT
Remote-access trojan based on leaked code for the Ammyy remote admin software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-