General
-
Target
2974e70f02767b10963e422142859413_JaffaCakes118
-
Size
136KB
-
Sample
240706-2k8pdaxdlb
-
MD5
2974e70f02767b10963e422142859413
-
SHA1
10982b4f655d166b8145b14f57adae7b265a1559
-
SHA256
c24e9f212bf4aa4d09be65a48991d3d88a7f8c7964167b669655bae9fcf683aa
-
SHA512
f41fb5551cfa66f2efbc29ce7be0cfffba83309f37078346bdf01db0314f072626054a2eb34d4602b596b4cb74e6f068f65825a3a9a6872b115644c8c766d90a
-
SSDEEP
3072:kIMXId8aU3RrYoD5XulxqnDv9405BL6zl:xMPayR0oD5muDvi02Z
Static task
static1
Behavioral task
behavioral1
Sample
2974e70f02767b10963e422142859413_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2974e70f02767b10963e422142859413_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Extracted
tofsee
94.75.255.140
rgtryhbgddtyh.biz
wertdghbyrukl.ch
Targets
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-