General
Target: 3387d4ae4a53d1e40801acc8b1ef7128_JaffaCakes118
Size: 4.6MB
Sample: 240511-jq9vhseg8z
MD5: 3387d4ae4a53d1e40801acc8b1ef7128
SHA1: a6bb83b5205ec074d89c856ba931fe930f0333ba
SHA256: d6e3df1b4420f3fb8a68c1394a3281eff2ee230e93cee3aa4dc7428a06df4bac
SHA512: 219b8f3f94808a6b77386f9d588f214f8216e645edb940f5681e591d5798e32697315c63c067e8777c96e2cb3bec3def4e7b15e4ace675fef6cc3dc8dc8111c8
SSDEEP: 98304:d05R6T1L9f6khkO1XtWUOLjS7b8WV6bfU7Sub89HAtJ2OtFAVA:dYRw7LqO1Xw1ju9B7EyHAm
Static task: static1
Behavioral task: behavioral1
Sample: 3387d4ae4a53d1e40801acc8b1ef7128_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 3387d4ae4a53d1e40801acc8b1ef7128_JaffaCakes118.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 3387d4ae4a53d1e40801acc8b1ef7128_JaffaCakes118
- Blocklisted process makes network request
- Modifies Installed Components in the registry
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.