General
-
Target
1276d361cea59860a47008bd351b930e_JaffaCakes118
-
Size
1.1MB
-
Sample
240626-stkt8stbpp
-
MD5
1276d361cea59860a47008bd351b930e
-
SHA1
607f923229ec991c1bf4fa0fc521f3a35c5854ca
-
SHA256
a40d0160d5e9d7a582e1e110b6564d5b9eb19ebb200306746da8d9eaad80ce95
-
SHA512
2eb3c9c7087aefc4208954736c1e8b19f5f893c45e3c49d4190ed74bdc6a1653c3c83042e5d3a1338eff1b7455dd3245dc4a9cb978d1ea6a892ac91517c7be63
-
SSDEEP
24576:219CNRTAeS8NYsUaMRz/qTGEssuqVoBgUtlNBr1/E:5ieS82smz/3Essu8oftxr
Static task
static1
Behavioral task
behavioral1
Sample
1276d361cea59860a47008bd351b930e_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
1276d361cea59860a47008bd351b930e_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
1276d361cea59860a47008bd351b930e_JaffaCakes118
-
Score
10/10
-
Modifies WinLogon for persistence
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-