General
Target: 10e6de7bec3d7c66b13f5227b8729793_JaffaCakes118
Size: 1.1MB
Sample: 240626-gb9vvs1bmj
MD5: 10e6de7bec3d7c66b13f5227b8729793
SHA1: cd653846a66b3cf4587fe2c605d883db2ace6586
SHA256: 0a69b33acbc21fd40e2975d9b2b321898062198fbccfd38d6ef8b0b5c2a9c1d2
SHA512: 1b672b0bd338f111bc69814316cc30d4f5289811f26eebf0369ed5c7c06359bbb4b74fd34dc2dcedb9393324fb514c001b6564fcfb4b33dbbd4a790eee9caf31
SSDEEP: 24576:bNBIlk9QFtfRWYozUwK4LHYFiOobc7ixddZ:kKeFxQYHUYbMcefZ
Static task: static1
Behavioral task: behavioral1
Sample: 10e6de7bec3d7c66b13f5227b8729793_JaffaCakes118.exe
Resource: win7-20240220-en
Malware Config
Targets
Target
10e6de7bec3d7c66b13f5227b8729793_JaffaCakes118
- Detects Echelon Stealer payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.