General
-
Target
000eddfbf86c8526dd28e8301dec69a2_JaffaCakes118
-
Size
114KB
-
Sample
240619-xl2v1a1gnq
-
MD5
000eddfbf86c8526dd28e8301dec69a2
-
SHA1
03d7da687958e537b392df4deda2916d950840b9
-
SHA256
58a851ca522579936c78c05106e60e568ba4177c615eda031fe323634093b569
-
SHA512
0c08be8861c384c8d47a67f19d2e0ad95c319c69876a2e76fb55674e3eb583bd74542c69a65906a1d9d94cce97a407b70ebed85816ea8a08e8db8101efeb4ecb
-
SSDEEP
3072:ehxcyK32PCjiyQhx762i9DlJF8uFkpqBYf:cpK32PlyQhU2OFIq+
Static task
static1
Behavioral task
behavioral1
Sample
000eddfbf86c8526dd28e8301dec69a2_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
000eddfbf86c8526dd28e8301dec69a2_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
000eddfbf86c8526dd28e8301dec69a2_JaffaCakes118
-
Score
8/10
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Legitimate hosting services abused for malware hosting/C2
-