General
Target: 474d3fa4c581beebc062f32cceee2804_JaffaCakes118
Size: 268KB
Sample: 240714-3ryneszhnc
MD5: 474d3fa4c581beebc062f32cceee2804
SHA1: 76ced127fd9f078062b2561b0c1568045da58578
SHA256: d75b64e8b60136bde6403bb20c4f58f1fc87afdf0cf023143ec2eb77ba028ec8
SHA512: 720610d9ebdbe41ed6485b22e3f045c8d37008358e78e980dee89cdccf53339951c26f1fb6e6bfb6cdfa3b06ad1b794f4529858b4f146feb4ec2c8bc8ae15e07
SSDEEP: 6144:kKqTVTMaq4Noj3/ApdfNZolv27EFrRKX2yktr6sx7wO:8Maq8m/6hwlv2gFrMXot37w
Behavioral task: behavioral1
Sample: 474d3fa4c581beebc062f32cceee2804_JaffaCakes118.exe
Resource: win7-20240705-en
Malware Config
Extracted
cybergate
2.6
ÖÍíÉ
127.0.0.1:288
***MUTEX***
enable_keylogger: true
enable_message_box: false
ftp_directory: ./logs/
ftp_interval: 30
injected_process: svchost.exe
install_file: windows.exe
install_flag: false
keylogger_enable_ftp: false
message_box_caption: texto da mensagem
message_box_title: título da mensagem
password: abcd1234
Targets
Target: 474d3fa4c581beebc062f32cceee2804_JaffaCakes118
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-