General
-
Target
735f19c7920712f76e9a09e66fd06872_JaffaCakes118
-
Size
1.9MB
-
Sample
240525-1sm7zacd36
-
MD5
735f19c7920712f76e9a09e66fd06872
-
SHA1
cb2099f34723a4f80b0f211ca2d88ec5e979c3b7
-
SHA256
de943f1ae3b538185bb656872de21ae04d7b6d5e36cec8fce6b91777e1b69a3a
-
SHA512
e724e3b2786d3188e37a0ab4878bc42f55902011d501b7f6543f9385b2a1ec40715abc076bcb8942578358afb29cb0ecc53b85414860003d8c8aca356e5cbeb3
-
SSDEEP
24576:gtV3TakLeN0WNAoABrioUSRWke4V2YhWZ52gBbQFgWIhyvJWj19Xk/XownUa1oC2:gtVDrc0NoAJiHSRBveWf/APXkPzUa6l3
Behavioral task
behavioral1
Sample
735f19c7920712f76e9a09e66fd06872_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
735f19c7920712f76e9a09e66fd06872_JaffaCakes118
-
Blocklisted process makes network request
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-