General
- Target: 6a2ef567582a9f9608e4d07a6d0676ae_JaffaCakes118
- Size: 590KB
- Sample: 240523-h8exeshd7w
- MD5: 6a2ef567582a9f9608e4d07a6d0676ae
- SHA1: a9eb76a0f75413913259f0bf8b1e72830887a123
- SHA256: 0b93596a5112d24596d6ee0b833f327c5f889290b2cfb1f17102f4bd6fb88020
- SHA512: 560308a26d123eb59b1a465821fc7b4a278c6e91db73db9aae6e41643d8d20093efab5a88a17b9e583f5c0b28c331025b864b799e0059b5b2efa1e5f96be936b
- SSDEEP: 12288:thZva7SM72W1Va8a3i0HzTMynlpDM08OUrsTC9iNf:fZva7SM7Wi0TTxlS3GC9If
Static task: static1
Behavioral task: behavioral1
Sample: 6a2ef567582a9f9608e4d07a6d0676ae_JaffaCakes118.exe
Resource: win7-20231129-en
Malware Config
Targets
- Target: 6a2ef567582a9f9608e4d07a6d0676ae_JaffaCakes118
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.