General
Target: 708cd4120c9da35d645e1965eb0ff6c1_JaffaCakes118
Size: 1.1MB
Sample: 240525-cp3w9abc78
MD5: 708cd4120c9da35d645e1965eb0ff6c1
SHA1: 929a337a2ccca0c82c075b338de922f69ed4693b
SHA256: 99cb11181482b566b52c0230b975871245065aa4bba29a8d8edec315440ab867
SHA512: cb80f46df67a1ebdffba6692bf967e83a97d9bbf5eba348ed667185b425474c861b6b96e282680794a2d55ad37d6254c5d44fe6b839790f16bb6959341f94437
SSDEEP: 12288:2K2mhAMJ/cPlxA95SstjBynBAyIgBKMQrtHuIgmygPQOCLsn2lwnlZwL0ZApuA31:32O/GlGS4LKQ9ulmyTOCLs2lQlZP69X
Static task: static1
Behavioral task: behavioral1
Sample: 708cd4120c9da35d645e1965eb0ff6c1_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 708cd4120c9da35d645e1965eb0ff6c1_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 708cd4120c9da35d645e1965eb0ff6c1_JaffaCakes118
Score: 10/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext