General
-
Target
6c50c8abafb090571b809b7e440760fb_JaffaCakes118
-
Size
318KB
-
Sample
240724-w16xtszhqm
-
MD5
6c50c8abafb090571b809b7e440760fb
-
SHA1
940400974cbe308babd859914b0f8158168a7d67
-
SHA256
987a459213fe3739f0b3a9599a965c98fd7ffe48217cb7051649767b5815a87d
-
SHA512
2e965287ef25056c6d9edd113ea87d72a674d90b01f9db97bf9092bb820bbd35cd8b125ba0593d73561f23f7916d3223322652a221258935d010ccd51f0f6878
-
SSDEEP
6144:TKjZy6NQ1xaIN8kUedSzx2ME5+b/LNWZR6c2r4/OQfUg8UW:yNQ/2kb35+nsoc2MRF
Static task
static1
Behavioral task
behavioral1
Sample
6c50c8abafb090571b809b7e440760fb_JaffaCakes118.exe
Resource
win7-20240704-en
Malware Config
Targets
-
-
Target
6c50c8abafb090571b809b7e440760fb_JaffaCakes118
-
Size
318KB
-
MD5
6c50c8abafb090571b809b7e440760fb
-
SHA1
940400974cbe308babd859914b0f8158168a7d67
-
SHA256
987a459213fe3739f0b3a9599a965c98fd7ffe48217cb7051649767b5815a87d
-
SHA512
2e965287ef25056c6d9edd113ea87d72a674d90b01f9db97bf9092bb820bbd35cd8b125ba0593d73561f23f7916d3223322652a221258935d010ccd51f0f6878
-
SSDEEP
6144:TKjZy6NQ1xaIN8kUedSzx2ME5+b/LNWZR6c2r4/OQfUg8UW:yNQ/2kb35+nsoc2MRF
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-