General
-
Target
86d32165249a6f954e1c108f4ed79a56_JaffaCakes118
-
Size
35KB
-
Sample
240531-ng1byagb92
-
MD5
86d32165249a6f954e1c108f4ed79a56
-
SHA1
474616bf1eec08c03182298bde373a54befffc4a
-
SHA256
20adbeb81ebb13f804174276e106b52a99cdeaa399752eda1174120673a42a92
-
SHA512
0c1a14d526e50ca15cdc2970bfab6642dd35f5e84939255f63ef2ba6cfe8ff664f33fae01c0ca82f883c1229a4c3635d99c1831b8e50e1069bc2190532e7ad5f
-
SSDEEP
384:s2Tb2YAVjQ38kllsjM3F6YpO0wrBpKPELCa5RKvh3USeT3qfRLAevBkZUhCxEJpR:s23MVjQ3Plk4wNUI83oDqpR5kZM/
Behavioral task
behavioral1
Sample
86d32165249a6f954e1c108f4ed79a56_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
86d32165249a6f954e1c108f4ed79a56_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
86d32165249a6f954e1c108f4ed79a56_JaffaCakes118
-
Size
35KB
-
MD5
86d32165249a6f954e1c108f4ed79a56
-
SHA1
474616bf1eec08c03182298bde373a54befffc4a
-
SHA256
20adbeb81ebb13f804174276e106b52a99cdeaa399752eda1174120673a42a92
-
SHA512
0c1a14d526e50ca15cdc2970bfab6642dd35f5e84939255f63ef2ba6cfe8ff664f33fae01c0ca82f883c1229a4c3635d99c1831b8e50e1069bc2190532e7ad5f
-
SSDEEP
384:s2Tb2YAVjQ38kllsjM3F6YpO0wrBpKPELCa5RKvh3USeT3qfRLAevBkZUhCxEJpR:s23MVjQ3Plk4wNUI83oDqpR5kZM/
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Adds Run key to start application
-