General
-
Target
fd212aeaf2a519e24276516eeb1dedef_JaffaCakes118
-
Size
480KB
-
Sample
240420-tggsgscg5w
-
MD5
fd212aeaf2a519e24276516eeb1dedef
-
SHA1
55bb12aaac948f80f17d0f2b45db7992b92683ce
-
SHA256
7e5dd61d1a28a21f3eeaf8ff3723b69019f83be520b6ad986a57b5de05dab438
-
SHA512
8534c379b89c9c4d3f4d37dbe06bbba744e9fde7e5ff53d20eaa88eb166dc3d24e27221445546e849a34678d53b030ee5f58a72f395cf8a5e45d86e64c75508a
-
SSDEEP
12288:gZycYZmPGAD5HHT6O1FaxE6z1Jy7tMfHEce:gMcYZmeOz6MWE6z1JGtdce
Static task
static1
Behavioral task
behavioral1
Sample
fd212aeaf2a519e24276516eeb1dedef_JaffaCakes118.exe
Resource
win7-20231129-en
Malware Config
Extracted
asyncrat
0.5.7B
6
185.157.160.147:1973
6SI8OkPnk0ut56r
-
delay
3
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
fd212aeaf2a519e24276516eeb1dedef_JaffaCakes118
-
Size
480KB
-
MD5
fd212aeaf2a519e24276516eeb1dedef
-
SHA1
55bb12aaac948f80f17d0f2b45db7992b92683ce
-
SHA256
7e5dd61d1a28a21f3eeaf8ff3723b69019f83be520b6ad986a57b5de05dab438
-
SHA512
8534c379b89c9c4d3f4d37dbe06bbba744e9fde7e5ff53d20eaa88eb166dc3d24e27221445546e849a34678d53b030ee5f58a72f395cf8a5e45d86e64c75508a
-
SSDEEP
12288:gZycYZmPGAD5HHT6O1FaxE6z1Jy7tMfHEce:gMcYZmeOz6MWE6z1JGtdce
-
Detect ZGRat V1
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-