General
-
Target
931b12be80c60acd76de1b96d4a90799_JaffaCakes118
-
Size
19.2MB
-
Sample
240604-amlh3sed9z
-
MD5
931b12be80c60acd76de1b96d4a90799
-
SHA1
6df652fa5e0f8646adfa79f3a821d18bb49c6b09
-
SHA256
06c2ba2931b74c1ad30af2f8315ccbf06ad5e25aa472f8dd3c27456b739e2f1f
-
SHA512
6570c72a23f3c114b98a1ff701c80a87c5f519e903a6a642441a322d80aa2b1a3144a698aa1df38fe21f7dbd1358e033a7516a38a716d6bd8b5292169025b76b
-
SSDEEP
393216:6nmHYd25WMvHR8pkGs9DO2aLgNodHzCKRog5meGQvP/sW1f3J5:6mHXJHLp9qhGodHzCKRoQ/Pkuf3j
Static task
static1
Behavioral task
behavioral1
Sample
931b12be80c60acd76de1b96d4a90799_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
931b12be80c60acd76de1b96d4a90799_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
$EXEDIR/install_flash_player_21_plugin.exe
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
$EXEDIR/install_flash_player_21_plugin.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/SetupPlugin.dll
Resource
win7-20240508-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/SetupPlugin.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
931b12be80c60acd76de1b96d4a90799_JaffaCakes118
-
Size
19.2MB
-
MD5
931b12be80c60acd76de1b96d4a90799
-
SHA1
6df652fa5e0f8646adfa79f3a821d18bb49c6b09
-
SHA256
06c2ba2931b74c1ad30af2f8315ccbf06ad5e25aa472f8dd3c27456b739e2f1f
-
SHA512
6570c72a23f3c114b98a1ff701c80a87c5f519e903a6a642441a322d80aa2b1a3144a698aa1df38fe21f7dbd1358e033a7516a38a716d6bd8b5292169025b76b
-
SSDEEP
393216:6nmHYd25WMvHR8pkGs9DO2aLgNodHzCKRog5meGQvP/sW1f3J5:6mHXJHLp9qhGodHzCKRoQ/Pkuf3j
Score 6/10
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-
-
-
Target
$EXEDIR/install_flash_player_21_plugin.exe
-
Size
19.0MB
-
MD5
e9fbb2a2c30af313c6ed70d77c2c674b
-
SHA1
1dc0aff30de4577aa9870be61f16d6614ac22a8e
-
SHA256
6b87a45ba965672d9cc4270668dff74e1307a3a8c207ba727c88fd92e76e6c0b
-
SHA512
bfe25c8960670bcfc1ca7d0d162c8a38addd1a92f1869628c4252e60fa0977da50fbfab1a7b7594c729f189cfa00781e762d5a78f53e1eac659c3ba80997d745
-
SSDEEP
393216:/pGhrKnwYcEqtKfVAGx2U8yP9LQzXIDmmlsrtnOdZBj3TH/m4:/QhrGvcEqtuiABQjEmWBj3Tfm4
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/SetupPlugin.dll
-
Size
136KB
-
MD5
5508dca735abb51f7eda223ed487e43f
-
SHA1
2f2ac64e4900e8d5217124dd06ed790494e2dcd2
-
SHA256
7f90c32afe9ccce50d99f845ee3639aa36ce85f7be69ba2777ffc3a466d93900
-
SHA512
9b3d2d41c3e03ed5c7d16fdb95b7f2e229f1dd7330f9d93c6a415a06e2492346b5ac0e15a977fdfba94e58dc33c6dda8911ec76ed390d191ef3e36ceb0c48c30
-
SSDEEP
1536:YnN4PBdeANfP1rP9zv7WB3QF8OaAALJ2MV2i42nFbjj5mFMLwawAt5a:YN4PmmhWdmHtqIik6LvwAt5a
Score 3/10