General
Target: 5fb1bd6a1bb31534f4b4a208dc3f881d_JaffaCakes118
Size: 552KB
Sample: 240520-sbrvtsfd2t
MD5: 5fb1bd6a1bb31534f4b4a208dc3f881d
SHA1: 3e88ccfa16eb349b4f8059d47907d8c4154ca7e8
SHA256: df0739f3988579942007024e55f8374444e7076b1e12adb285f800985d5f8ae9
SHA512: 24be6925ef077a72e425bdb69daeb06ef92fed25a34cf3a784e74b8237c069c5ffb2fee06df370b53f8dea8f9f9dc7671d16db787aae85823c43a806268373ab
SSDEEP: 12288:Qxzc3CMzKrmadzrY90c9tuHNY/g7mpaCdczW:Qo/Hjac+H+7aip
Static task: static1
Behavioral task: behavioral1
  Sample: 5fb1bd6a1bb31534f4b4a208dc3f881d_JaffaCakes118.exe
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: 5fb1bd6a1bb31534f4b4a208dc3f881d_JaffaCakes118.exe
  Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 5fb1bd6a1bb31534f4b4a208dc3f881d_JaffaCakes118
Score: 10/10
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext