General
Target: 64f5683f186c6036c2dffe8817275197_JaffaCakes118
Size: 552KB
Sample: 240521-16kc8sca94
MD5: 64f5683f186c6036c2dffe8817275197
SHA1: 916602b777e022d77b4ed125881ff08f37e97306
SHA256: 17882008afd8cdeb44cab2798e6949e9556072f9d239c30c652bfa6938106123
SHA512: 12d51e0f65ddb791ae3fd7d15cee1afee0181059f45c1d487dc9862c32f4acafd2c815cf278abdf6c48e882c5961cf02474da0d56b35f046b7172c2a8910cab5
SSDEEP: 6144:U6xabnD68P7gN3A0NoR6K3i/tTwq3djHKill2fvygZMd6uCreqTe:U6xgDP72zg+3djjlQXyGWfN
Static task: static1
Behavioral task: behavioral1
Sample: 64f5683f186c6036c2dffe8817275197_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 64f5683f186c6036c2dffe8817275197_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 64f5683f186c6036c2dffe8817275197_JaffaCakes118
Score: 10/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext