General
-
Target
61128c0de09fc6455258a33cb5de3925_JaffaCakes118
-
Size
647KB
-
Sample
240721-x2wnxs1aqc
-
MD5
61128c0de09fc6455258a33cb5de3925
-
SHA1
59a61a6e71d0a275503f92fe80b5317c91d69338
-
SHA256
a548e16606c3127665b7cdc29917e6ec1baf7577837e5e7d4b007dd4bd2405f3
-
SHA512
09505eea934dd857799ed826dadd855bdf5a4371e80baa28d0317bdb038f74a31ad129c3613d53cc7ea8b1060980736da0240a4221f9bc1a568c3b796ed5d7c1
-
SSDEEP
12288:A8UaT9XY2siA0bMG09xD7I3Gg8ecgVvfBoCDBOQQYbVXpuy1f/gORixE:5UKoN0bUxgGa/pfBHDb+y1HgZO
Behavioral task
behavioral1
Sample
61128c0de09fc6455258a33cb5de3925_JaffaCakes118.exe
Resource
win7-20240704-en
Malware Config
Targets
-
Modifies firewall policy service
-
Modifies security service
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-