General
-
Target
6c707bcb35b7d20dce27d0fe97a0571b_JaffaCakes118
-
Size
3.2MB
-
Sample
240523-18ldbaba65
-
MD5
6c707bcb35b7d20dce27d0fe97a0571b
-
SHA1
2eac41e5789c0506b0c3e5c4099c80c3a55777b3
-
SHA256
02452296155f5fdfdcbadff8846da3bf4ea2cafa9976e6eca0442937361b4489
-
SHA512
534e8099ae4f9772feaef220255975b844b745676eb045764263a960aa2768f5b4c5bbbbbb44e7623d68dab3537171dc83405d44d3b2f4b18cce3f67c6783234
-
SSDEEP
98304:Pviz/27qWGq/TzuqCDl2Ptao7j5W3XjN7:Pviq75/TzufeWjN7
Static task
static1
Behavioral task
behavioral1
Sample
6c707bcb35b7d20dce27d0fe97a0571b_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Target
6c707bcb35b7d20dce27d0fe97a0571b_JaffaCakes118
-
Score
10/10
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1