General
Target: 1d14f90eb71b37df7fe3d82f68c5dc4c_JaffaCakes118
Size: 447KB
Sample: 240702-anfdfssepm
MD5: 1d14f90eb71b37df7fe3d82f68c5dc4c
SHA1: 80176ef54287b4abfe71f6ae0ebc9bc708bd6d10
SHA256: aacd0d0feeac0150a06903a117d0a05febffb0b8c8bc3721a2c5e44268305b1d
SHA512: ed1a5c3ec8e770c480ffc137f1ccefab7a799e76bdd224edbb7e826d96d4e0aab727392e5f0e88236fb7838738bb86cd5e9919b45ac2b2b10a20857cdcc43af5
SSDEEP: 6144:PEK25f5ySIcWLsxIIW4DYM6SB6v+qLnAzYmhwrxcvkzmSOpo3:PMpASIcWYx2U6hAJQnD
Behavioral task: behavioral1
Sample: 1d14f90eb71b37df7fe3d82f68c5dc4c_JaffaCakes118.exe
Resource: win7-20231129-en
Malware Config
Extracted
urelas
218.54.31.165
218.54.31.226
Targets
Target: 1d14f90eb71b37df7fe3d82f68c5dc4c_JaffaCakes118
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Executes dropped EXE
Loads dropped DLL