General
-
Target
8203adbdf5c3fb50ef27b7aa46cf44d6_JaffaCakes118
-
Size
252KB
-
Sample
240801-2l3vhsvbrd
-
MD5
8203adbdf5c3fb50ef27b7aa46cf44d6
-
SHA1
38608cc76c00e046908cd8d35a658fd28568b2c8
-
SHA256
b1f3b16016bc11788a7a94d89df8a145cbfe9d7110a4f333d7482f817d2db8cf
-
SHA512
b5504dce532eb331ec500c1e1fdf59c2e38c1e957ff9bd984d7f363d9de75f1125ed2c80ecf2adbb0b65a0e9b4e78234b1e97e8fa3ba7ba41ab986926703b677
-
SSDEEP
6144:T5QpeUUeSwGUTPcdBMsXS593xRExRYnzCvY:KpeUlCUTPcdBHSfGRdvY
Static task
static1
Behavioral task
behavioral1
Sample
8203adbdf5c3fb50ef27b7aa46cf44d6_JaffaCakes118.exe
Resource
win7-20240704-en
Malware Config
Targets
Target
8203adbdf5c3fb50ef27b7aa46cf44d6_JaffaCakes118
-
KPOT Core Executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Suspicious use of SetThreadContext
-