General
Target: 6903fcf0eb78bf63a98edb89b87d9c4b_JaffaCakes118
Size: 350KB
Sample: 240522-3k54xsdd56
MD5: 6903fcf0eb78bf63a98edb89b87d9c4b
SHA1: e3d85a2b05c04b7d7c0f046f1a513848f7054ef7
SHA256: 4624c37234303e6ac930b65635ee898482a178ce5923b8aeec90bb94dd30efe4
SHA512: b5e748c9c9f5e0092de71cbdad9687ea7ca4cf5756902afa6839ba7392e957d32fa678013bef1d96801a2b59556158b4aa7fb600f26fbd73d6f14e81dfb6f409
SSDEEP: 6144:+mZNUq21p5TPNQELDYd1aW8n0kpJfY28rmUA6lSQUzt5LXp/keqj:+uEzN7M/N8LpJfY28iT5
Static task: static1
Behavioral task: behavioral1
Sample: 6903fcf0eb78bf63a98edb89b87d9c4b_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Targets
Target: 6903fcf0eb78bf63a98edb89b87d9c4b_JaffaCakes118

Trickbot x86 loader
Detected Trickbot's x86 loader that unpacks the x86 payload.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL