General
-
Target
7c26b6c3cd05b0815037f5cafd13e237_JaffaCakes118
-
Size
553KB
-
Sample
240528-jbhsgscb67
-
MD5
7c26b6c3cd05b0815037f5cafd13e237
-
SHA1
c9977e3771c0ac0e06bc286fce230fe64317ec27
-
SHA256
30b2748b757fab768959b46cd67c4397fd79a4aa54e3446b7fbbbb46365d8a58
-
SHA512
7fb32bed3f6470b4cff0523bb53f07f9c81bc6683bdefcec397613ed07a170e1e8de3fa3629edb61d26d7826356f548c3623ac9c0b98767e85889681563afe76
-
SSDEEP
12288:UEyJXR26P1lamEzK+Q9D8+OHn6y2yadF0Kqss:UDV1aDzK+s87HMTF0K
Static task
static1
Behavioral task
behavioral1
Sample
7c26b6c3cd05b0815037f5cafd13e237_JaffaCakes118.exe
Resource
win7-20231129-en
Malware Config
Targets
-
-
Target
7c26b6c3cd05b0815037f5cafd13e237_JaffaCakes118
-
Size
553KB
-
MD5
7c26b6c3cd05b0815037f5cafd13e237
-
SHA1
c9977e3771c0ac0e06bc286fce230fe64317ec27
-
SHA256
30b2748b757fab768959b46cd67c4397fd79a4aa54e3446b7fbbbb46365d8a58
-
SHA512
7fb32bed3f6470b4cff0523bb53f07f9c81bc6683bdefcec397613ed07a170e1e8de3fa3629edb61d26d7826356f548c3623ac9c0b98767e85889681563afe76
-
SSDEEP
12288:UEyJXR26P1lamEzK+Q9D8+OHn6y2yadF0Kqss:UDV1aDzK+s87HMTF0K
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-