General
-
Target
fcefee6d1fce90af5fa38bc30152ff7d_JaffaCakes118
-
Size
193KB
-
Sample
240420-rhsv2aad25
-
MD5
fcefee6d1fce90af5fa38bc30152ff7d
-
SHA1
80b754cebdb85969c5ebed0efe4774e0555238dc
-
SHA256
0cb826c1238a28e8417beb953789ec9fece0d4572da0941779024f2653b6f83d
-
SHA512
3c1fc34243e914b61db7a95ed6a1026685bae38c3625aed95cb0bb7f6b1b2f9f9510141eb1cc95d6eb0e25c5a3c4f38eb0ebe77f7af16cc8673b117be69b3bcc
-
SSDEEP
3072:rC1LJUgnLKPzB1B9X4RO6wdjAE0pKWfx2/00UVCrprfEo4jFI:ruLmwkBPlwO6QjAVpKu3JVCrpbEtI
Behavioral task
behavioral1
Sample
fcefee6d1fce90af5fa38bc30152ff7d_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
fcefee6d1fce90af5fa38bc30152ff7d_JaffaCakes118
-
Size
193KB
-
MD5
fcefee6d1fce90af5fa38bc30152ff7d
-
SHA1
80b754cebdb85969c5ebed0efe4774e0555238dc
-
SHA256
0cb826c1238a28e8417beb953789ec9fece0d4572da0941779024f2653b6f83d
-
SHA512
3c1fc34243e914b61db7a95ed6a1026685bae38c3625aed95cb0bb7f6b1b2f9f9510141eb1cc95d6eb0e25c5a3c4f38eb0ebe77f7af16cc8673b117be69b3bcc
-
SSDEEP
3072:rC1LJUgnLKPzB1B9X4RO6wdjAE0pKWfx2/00UVCrprfEo4jFI:ruLmwkBPlwO6QjAVpKu3JVCrpbEtI
-
Gh0st RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-