General
-
Target
2a79d2a8eebe3cbbdfaa7b61d72cb866_JaffaCakes118
-
Size
192KB
-
Sample
240509-r6yfesac26
-
MD5
2a79d2a8eebe3cbbdfaa7b61d72cb866
-
SHA1
6c84f09929337bb41549dde77d982ff2c000c3b7
-
SHA256
0340b84c0a3ca20f9c09e1a81c9e9cb561607e491fca652b07a196cd40138648
-
SHA512
13e1873f5e0257ae9662fa3c4b9bd162823a0d112c5538cbcd6c84898338b4ee2c6a3e03d8140301594b7c585f3aeff0e2342801a4716e32feb9d18e53da805d
-
SSDEEP
3072:WPtzkCz/jveCrm2DdbDw0RqMuZF5E1Wvc0kSMwufZPM7a7cf2DCTP:WK2ya9/i21QFufZPM7a7cf2i
Static task
static1
Behavioral task
behavioral1
Sample
2a79d2a8eebe3cbbdfaa7b61d72cb866_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2a79d2a8eebe3cbbdfaa7b61d72cb866_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2a79d2a8eebe3cbbdfaa7b61d72cb866_JaffaCakes118
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-