General
Target: 49b3afd4eed343c7902e65f4a10ea5d7_JaffaCakes118
Size: 232KB
Sample: 240715-n9dnmszfjg
MD5: 49b3afd4eed343c7902e65f4a10ea5d7
SHA1: 8248c7091940ef24f7d0787a5a65fed4fc1d5e6c
SHA256: 4a04006d579dfa8a19b4fe1b05f2b03e0b6c7e1306866b0adf9f894f52351032
SHA512: 3c05cc67251464ad29030966637801f61fd4654e83e81e393aa95f4aff5b31a2bb0e3163f33cfe48148988210eca56815213a02159c6a2f5c42dddd3902aba67
SSDEEP: 6144:vylp3PFKs78vpRTlEqxF6snji81RUinKbLqN:2lPhpU
Static task: static1
Behavioral task: behavioral1
Sample: 49b3afd4eed343c7902e65f4a10ea5d7_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 49b3afd4eed343c7902e65f4a10ea5d7_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 49b3afd4eed343c7902e65f4a10ea5d7_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application