General
-
Target
70ff5016cfd237faef1b9f7c3f3d6c5b_JaffaCakes118
-
Size
372KB
-
Sample
240725-ymvczsvaqc
-
MD5
70ff5016cfd237faef1b9f7c3f3d6c5b
-
SHA1
207cea13c545afc5d94fca97fa3c4b3134ba2e2a
-
SHA256
60b90d95244ff7150826ab96162a32269429ffca7d02ab33306b131db33f2211
-
SHA512
35e1aa05decacdc41b69c31b2500a6fa02ff0bf38da96162a8cef4869871a35be34a2a50ba1161a2997413c2d4b41f3de3750e38aed9b920912962d66e628487
-
SSDEEP
3072:QP8fomAU/fGRFKWJ8pypVcfjXOCHXMem1GVMm++53YlFYAFI:QYAxFRynfTOCH8eUMU+RiS
Static task
static1
Behavioral task
behavioral1
Sample
70ff5016cfd237faef1b9f7c3f3d6c5b_JaffaCakes118.exe
Resource
win7-20240705-en
Malware Config
Targets
-
KPOT Core Executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Suspicious use of SetThreadContext
-