General
-
Target
39701f5c18d18cd690f7ded4f1ea958e_JaffaCakes118
-
Size
92KB
-
Sample
240711-rd2mdasakd
-
MD5
39701f5c18d18cd690f7ded4f1ea958e
-
SHA1
982abd7a3c93c48536917a958fc97252f5e225e1
-
SHA256
afcaaf746e58ff7c2976963accf7b032cb21a028a6857b5a7f542dbb335b2b2c
-
SHA512
cb804688ca6496a0f4a06f56a561134aaf1f9631b2e4e8de4ffa5a7ca183c7d8a221a8d3a3ea33efe7a6505bfab5dea115f9ac24b33333f4523bad68433314ff
-
SSDEEP
1536:sEUQjlDAMOcnNFCEcK3gGrvOAoY7ld0ckN3wTr3iAkHyy+dOrrrrrr:sVulMMlXE+g41jkNyTr
Static task
static1
Behavioral task
behavioral1
Sample
39701f5c18d18cd690f7ded4f1ea958e_JaffaCakes118.exe
Resource
win7-20240704-en
Malware Config
Targets
-
-
Target
39701f5c18d18cd690f7ded4f1ea958e_JaffaCakes118
-
Size
92KB
-
MD5
39701f5c18d18cd690f7ded4f1ea958e
-
SHA1
982abd7a3c93c48536917a958fc97252f5e225e1
-
SHA256
afcaaf746e58ff7c2976963accf7b032cb21a028a6857b5a7f542dbb335b2b2c
-
SHA512
cb804688ca6496a0f4a06f56a561134aaf1f9631b2e4e8de4ffa5a7ca183c7d8a221a8d3a3ea33efe7a6505bfab5dea115f9ac24b33333f4523bad68433314ff
-
SSDEEP
1536:sEUQjlDAMOcnNFCEcK3gGrvOAoY7ld0ckN3wTr3iAkHyy+dOrrrrrr:sVulMMlXE+g41jkNyTr
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1