General
-
Target
2579e600ceb14dd737bd8d903a65d640_JaffaCakes118
-
Size
260KB
-
Sample
240508-ssg2ysah4t
-
MD5
2579e600ceb14dd737bd8d903a65d640
-
SHA1
694db6f247fa0f40e691f9da9d274490c818f60f
-
SHA256
e64d41fb84a83432f460905f7fdecf6a704c1b58748bad2ddf328b5ba6a7d7e5
-
SHA512
bb3f8e6ac87251aa24410b5470a908cc3a0b86032ce734e258fff0c6504b74d3b8b47ae77c60159b3e501edc39d97f56ae052beb2f7fa382d8e74a84f561bb69
-
SSDEEP
3072:ZE5M+8UC6qpFosItPPJ1nH899TwJWZWVccPWdD0y4rPOUaNPl63kaY:S5bC5pFXIt3nnH8iWZQ5+10y4ifNMU
Static task
static1
Behavioral task
behavioral1
Sample
2579e600ceb14dd737bd8d903a65d640_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2579e600ceb14dd737bd8d903a65d640_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
2579e600ceb14dd737bd8d903a65d640_JaffaCakes118
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-