General
Target: 5af3c46193e645b0b8cf9ea57b92ee67_JaffaCakes118
Size: 2.7MB
Sample: 240719-h4wz5ssbmh
MD5: 5af3c46193e645b0b8cf9ea57b92ee67
SHA1: 00330e57d144b44912389d751a1d4e4a5ac66d64
SHA256: d01423709d2637ecc6927d64fb9f80036ab40a354d2cc36f6ed5f4f6ffe4ebe0
SHA512: 5857fbc9337789bd80c507c7808873733f9dd75f0bf698f7c3cdc65d82e31addbc7294f4d5d39df579a8ad1085f3c1fd744231b878f99454c1ba68b961643b92
SSDEEP: 49152:dYbDbkUopsyyi6jSLTjtnMhGcYuhsLpmsjnHXPMgDXc2mB95CDv/nl25c17WO0CQ:IbXopsyRvRaYu+jT0mc2mB+DkG3VO
Static task: static1
Behavioral task: behavioral1
  Sample: 5af3c46193e645b0b8cf9ea57b92ee67_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 5af3c46193e645b0b8cf9ea57b92ee67_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
Malware Config
Targets
Score: 10/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext