General
-
Target
0176720d2be9a42edd23f5f9a598cbb3_JaffaCakes118
-
Size
1.2MB
-
Sample
240622-fzqw8azdnh
-
MD5
0176720d2be9a42edd23f5f9a598cbb3
-
SHA1
ddcb54165d146e803a503bcbe2c50c8bd63a0330
-
SHA256
d2d0d8b7a3b39102006b0e356c6d65e5938842055914f3769a3087e0b0179895
-
SHA512
aebc9b2c324603b663f7a130d8f16bbde27dd949c0be37f1216fc00739a3a0e75e1a3bd2f3f876924b68249fe9c4904976bcc00b47f4b4ade31dd56b26962f95
-
SSDEEP
24576:BhMdmGyYkwUisQE7PhSj5zmjrVU1hKCK2pcRnMXUEKMM6f9:bvZiC7zVKKEatEKMM6V
Static task
static1
Behavioral task
behavioral1
Sample
0176720d2be9a42edd23f5f9a598cbb3_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
0176720d2be9a42edd23f5f9a598cbb3_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
0176720d2be9a42edd23f5f9a598cbb3_JaffaCakes118
-
Size
1.2MB
-
MD5
0176720d2be9a42edd23f5f9a598cbb3
-
SHA1
ddcb54165d146e803a503bcbe2c50c8bd63a0330
-
SHA256
d2d0d8b7a3b39102006b0e356c6d65e5938842055914f3769a3087e0b0179895
-
SHA512
aebc9b2c324603b663f7a130d8f16bbde27dd949c0be37f1216fc00739a3a0e75e1a3bd2f3f876924b68249fe9c4904976bcc00b47f4b4ade31dd56b26962f95
-
SSDEEP
24576:BhMdmGyYkwUisQE7PhSj5zmjrVU1hKCK2pcRnMXUEKMM6f9:bvZiC7zVKKEatEKMM6V
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-