General
-
Target
898446324be148af2b7f41028ed4477a_JaffaCakes118
-
Size
562KB
-
Sample
240601-gfdm8abh3s
-
MD5
898446324be148af2b7f41028ed4477a
-
SHA1
ff78713a43af6b335d3f3470b5d38ffdd96d38bc
-
SHA256
d15805c32b413040e8a0fb740465acf7d85efbe741e1689a9a82c5e1e601def0
-
SHA512
cde3bc6dd175daa853d1c18e365df6c28b737cff5d671a6c5eba6dce12b893cb8ad8e29c1f5eea496e2f338f270bd3d6305bef2802c41ec2d78017dbc9c59aaa
-
SSDEEP
12288:ot0V2auKKQ1ZQ3uiBb2IFis1CwI5DEpU7R:SwYPQMeicZ
Static task
static1
Behavioral task
behavioral1
Sample
898446324be148af2b7f41028ed4477a_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
898446324be148af2b7f41028ed4477a_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Target
898446324be148af2b7f41028ed4477a_JaffaCakes118
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-