General
Target: b2d7dd7195b34c26e5faf1fcf10b653e_JaffaCakes118
Size: 748KB
Sample: 240616-lp4m8asdnk
MD5: b2d7dd7195b34c26e5faf1fcf10b653e
SHA1: c17ad78a2ae96ad1c04d4d853f2614ecb9966729
SHA256: ce53586b70d395f8b3a56a6afc23bed0296e2aa53914fd2e4f229c4dac9ac9c9
SHA512: f55f9bad73f919d55562037004bdad9b550fe90fcafb71faffd65a1dc58ab49116801b4fe1f5e648e8ea9a983cfde1ffe31ee46258460cbeb46ed9b9a1ef7ad9
SSDEEP: 12288:/VFUEuNmwvGrw9i0aTGRGicBckyyFRtWY1i3FTsvOVVigG:PUEUUw9RaTNicBrPFRtJ1iVTsCfG
Behavioral task: behavioral1
Sample: b2d7dd7195b34c26e5faf1fcf10b653e_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: b2d7dd7195b34c26e5faf1fcf10b653e_JaffaCakes118.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
Score: 10/10

FlawedAmmyy RAT
Remote-access trojan based on leaked code for the Ammyy remote admin software.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Drops file in System32 directory