General
-
Target
8cf648b915ec162d73796d0d6b746518_JaffaCakes118
-
Size
112KB
-
Sample
240602-fpbdsabh6z
-
MD5
8cf648b915ec162d73796d0d6b746518
-
SHA1
bbc90d425f898081edcffb60614f1ee066981587
-
SHA256
fd45741ee1705669ca1cedab0d174599f416ccb8f87ac2f6a4cff5458bd5dbc0
-
SHA512
92242c659e05157a73eb9b61d404bb9b637ca9feb09f2581806bcd9604d499cfedbd76f85a4ae9b0edd9df88f9b3853488e0d1da86e8f3e2f3e72d5ba1a06721
-
SSDEEP
3072:a/2PkCffIVVasN6jVrRIfMCkBsEzGPO907Vdr2:8CfwVVB4VrRIfMNPt65
Static task
static1
Behavioral task
behavioral1
Sample
8cf648b915ec162d73796d0d6b746518_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8cf648b915ec162d73796d0d6b746518_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
8cf648b915ec162d73796d0d6b746518_JaffaCakes118
-
Size
112KB
-
MD5
8cf648b915ec162d73796d0d6b746518
-
SHA1
bbc90d425f898081edcffb60614f1ee066981587
-
SHA256
fd45741ee1705669ca1cedab0d174599f416ccb8f87ac2f6a4cff5458bd5dbc0
-
SHA512
92242c659e05157a73eb9b61d404bb9b637ca9feb09f2581806bcd9604d499cfedbd76f85a4ae9b0edd9df88f9b3853488e0d1da86e8f3e2f3e72d5ba1a06721
-
SSDEEP
3072:a/2PkCffIVVasN6jVrRIfMCkBsEzGPO907Vdr2:8CfwVVB4VrRIfMNPt65
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-