General
Target: 7a35a309c9ef114088052f1d36e573ab_JaffaCakes118
Size: 496KB
Sample: 240527-xwes8aef4t
MD5: 7a35a309c9ef114088052f1d36e573ab
SHA1: 8f3016cc7e0d1af1441a6dfdcdda6e26f4fd48a0
SHA256: 3b864940f74accb3097f2c6c979295c3a5f65af79cd0408f80869f82917b1627
SHA512: 0de03f9996d85ec16ee54a5e2b6b1241401795176d88fbff20dd6e31d0aacd22bfa928394025090503a22277748b99439e982fc6add0491773065d5dbbd1758e
SSDEEP: 12288:oePmhVF1qp2qsGhMsY2v9eywBzb9ZdEICLVRWa:sVF1bqlhMs5v6B/dEICLzWa
Static task: static1
Behavioral task: behavioral1
Sample: 7a35a309c9ef114088052f1d36e573ab_JaffaCakes118.exe
Resource: win7-20240215-en
Malware Config
Extracted
asyncrat
0.5.7B
Xxxu7
185.250.204.245:6606
185.250.204.245:7707
185.250.204.245:8808
8SI8OkPnk
delay: 5
install: false
install_folder: %AppData%
Targets
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Suspicious use of SetThreadContext