General
Target: 3941ba2f0f8d6c62b9931714c992c76e_JaffaCakes118
Size: 552KB
Sample: 240512-kqbs6agg6v
MD5: 3941ba2f0f8d6c62b9931714c992c76e
SHA1: 2ae4da950a5b71047bf2b67f7b76b9044375d1f9
SHA256: 80f6104926429d0109f63d8181997c1a9baac48a9386c617d3958321631e2f62
SHA512: bac1e9e84473cfd4dc01ea5e72160613f80e5e17826c1a842ac84f2e83c7e2bad9a898478f72351f990bc06c68a71ee091b88f98a2d7c8268bb3b506972a5976
SSDEEP: 12288:x1dovGUpHpscZT+qQE63m67BxO8Vp+shAY1D9ZMD7f84ub:xYGYxAE63mSs4D1RqnfJS
Static task: static1
Behavioral task: behavioral1
Sample: 3941ba2f0f8d6c62b9931714c992c76e_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 3941ba2f0f8d6c62b9931714c992c76e_JaffaCakes118.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 3941ba2f0f8d6c62b9931714c992c76e_JaffaCakes118
Score: 10/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext