General
-
Target
fdadf821c8cbdfe648656b5ef44c803b_JaffaCakes118
-
Size
58KB
-
Sample
240420-z8x7faah2x
-
MD5
fdadf821c8cbdfe648656b5ef44c803b
-
SHA1
0af5cf51a5c5fe0081dfc27b749aee043c5b6103
-
SHA256
418d844852fcf732efe4e2ca01b7f924ae2d890c5e8c75679e7a3d38f015ee43
-
SHA512
f66e0167759fc82cc0af0c84c94fbcbd7725ea8d4c2a75b36ec0e9fa6c19469c2b0e2eb95855eebe4856b93155c06cec6d8fe0241892b58f395ef498f4db7c2c
-
SSDEEP
1536:iZioIoCwbYP4nuEApQK4TQbtY2gA9DX+ytBO8c3G3eTJ/M:iEoIlwIguEA4c5DgA9DOyq0eFk
Static task
static1
Behavioral task
behavioral1
Sample
fdadf821c8cbdfe648656b5ef44c803b_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fdadf821c8cbdfe648656b5ef44c803b_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
fdadf821c8cbdfe648656b5ef44c803b_JaffaCakes118
-
Size
58KB
-
MD5
fdadf821c8cbdfe648656b5ef44c803b
-
SHA1
0af5cf51a5c5fe0081dfc27b749aee043c5b6103
-
SHA256
418d844852fcf732efe4e2ca01b7f924ae2d890c5e8c75679e7a3d38f015ee43
-
SHA512
f66e0167759fc82cc0af0c84c94fbcbd7725ea8d4c2a75b36ec0e9fa6c19469c2b0e2eb95855eebe4856b93155c06cec6d8fe0241892b58f395ef498f4db7c2c
-
SSDEEP
1536:iZioIoCwbYP4nuEApQK4TQbtY2gA9DX+ytBO8c3G3eTJ/M:iEoIlwIguEA4c5DgA9DOyq0eFk
Score10/10-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-