General
Target: 34759a7b254af5d435a747330e172602_JaffaCakes118
Size: 3KB
Sample: 240511-n2ynvaeh2y
MD5: 34759a7b254af5d435a747330e172602
SHA1: d0d2d2abc845103bc0655fd6fcc74adc332d34f5
SHA256: f79b3fb8b11748b9b8a68c316c805366e05f34b9c2bf41814191d03df53522ed
SHA512: 4662b3e3f21ef000f569acb096f697e074b4425df67c3d3b34611cc65873cd02f17cf80edf5ba2a3b3287bd16e268d262f2f7706de5c275afbffc587e7b5bd72
Static task: static1
Behavioral task: behavioral1
  Sample: 34759a7b254af5d435a747330e172602_JaffaCakes118.lnk
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 34759a7b254af5d435a747330e172602_JaffaCakes118.lnk
  Resource: win10v2004-20240226-en
Malware Config
Extracted
https://drive.google.com/uc?export=download&id=1SCyn_ZPahvp66p8IWBybgyebqvi_tKj8
Targets
Target: 34759a7b254af5d435a747330e172602_JaffaCakes118
Score: 10/10
Blocklisted process makes network request
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Legitimate hosting services abused for malware hosting/C2