General
-
Target
6b6bbf33ce0cc8f41a57c5a69872ae01_JaffaCakes118
-
Size
200KB
-
Sample
240724-nfmpfswhnb
-
MD5
6b6bbf33ce0cc8f41a57c5a69872ae01
-
SHA1
4fc2ffb5fbf3e4b5255c5d8ae5ce872fa0b364a0
-
SHA256
a7306aaee21e8a4ff56d55dd4f960d336eb5364dfe46292e2c4acde05b89b803
-
SHA512
309bfd345978f8e458d6f67b01faf12790958d706c9e48b1e8f871ceb9a303a13a48f5de8a6a7425c2fd7655975ee52419eb1333ae324b54f9f3cd35fb4ed305
-
SSDEEP
3072:gAwixCZ6Sh77R2Gpf606U8v0e7OIgPDFIbbzhPM67fIhAE:gExhk7rh7NEOIYWlPM6r6h
Behavioral task
behavioral1
Sample
6b6bbf33ce0cc8f41a57c5a69872ae01_JaffaCakes118.exe
Resource
win7-20240708-en
Malware Config
Extracted
urelas
218.54.47.76
218.54.47.77
218.54.47.74
Targets
-
Target
6b6bbf33ce0cc8f41a57c5a69872ae01_JaffaCakes118
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-