General
-
Target
04b746e89b7de3be76cf0f257ef145e6_JaffaCakes118
-
Size
23KB
-
Sample
240620-lekglathnp
-
MD5
04b746e89b7de3be76cf0f257ef145e6
-
SHA1
d2b53fe61d29f65eb7089f461aecefd49ee42da4
-
SHA256
de112298823fe712908ff89dcb9eba2784cc762c8feb677d9b81d7f12d4f2136
-
SHA512
a9d54de20f868f52d09e728134d17e2fb854a2c44a41cdce4a0fcd27cb2a92c8a2cfe0510053575ecf357ab753e5e9379382f88e14e8ea96c4b9f6033a0dec43
-
SSDEEP
384:jn6tj82SUhFzNZV41PooN6LGoGozH3sT4ITyIFwMp65+fcK6YtuBBC5aqC2:mnHhNNZVQPooNiG0cHuIFzoWcfKuTC3C
Behavioral task
behavioral1
Sample
04b746e89b7de3be76cf0f257ef145e6_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
04b746e89b7de3be76cf0f257ef145e6_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
04b746e89b7de3be76cf0f257ef145e6_JaffaCakes118
-
Size
23KB
-
MD5
04b746e89b7de3be76cf0f257ef145e6
-
SHA1
d2b53fe61d29f65eb7089f461aecefd49ee42da4
-
SHA256
de112298823fe712908ff89dcb9eba2784cc762c8feb677d9b81d7f12d4f2136
-
SHA512
a9d54de20f868f52d09e728134d17e2fb854a2c44a41cdce4a0fcd27cb2a92c8a2cfe0510053575ecf357ab753e5e9379382f88e14e8ea96c4b9f6033a0dec43
-
SSDEEP
384:jn6tj82SUhFzNZV41PooN6LGoGozH3sT4ITyIFwMp65+fcK6YtuBBC5aqC2:mnHhNNZVQPooNiG0cHuIFzoWcfKuTC3C
Score8/10-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-