General
-
Target
89b092092c86c927ab7f7e9ebb1fc2a4_JaffaCakes118
-
Size
141KB
-
Sample
240811-kffdlawemc
-
MD5
89b092092c86c927ab7f7e9ebb1fc2a4
-
SHA1
7c5ad84ceb2a5c321c855d091685d4617dadfab8
-
SHA256
42a841d25bca00b47de80bd1c95aa0076ba917fde1511a3ffad5518179cfe052
-
SHA512
1d40063d7bfd35b9e39153071e795aa131bbb11b4f86231124bbc749dd0032e65687a2ba1b5262dab619f9350631a8426b330529b5f976451cf3b06177326396
-
SSDEEP
3072:qix5XnHSNwVR6vW6nNQAUrTrogAaU/eTQyBnykmNsNl0viuxzO/T5ukA:qiTXuKUn2X5A2tyfDvCI
Static task
static1
Behavioral task
behavioral1
Sample
89b092092c86c927ab7f7e9ebb1fc2a4_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
89b092092c86c927ab7f7e9ebb1fc2a4_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
latentbot
serverforme.zapto.org
Targets
-
-
Target
89b092092c86c927ab7f7e9ebb1fc2a4_JaffaCakes118
-
Size
141KB
-
MD5
89b092092c86c927ab7f7e9ebb1fc2a4
-
SHA1
7c5ad84ceb2a5c321c855d091685d4617dadfab8
-
SHA256
42a841d25bca00b47de80bd1c95aa0076ba917fde1511a3ffad5518179cfe052
-
SHA512
1d40063d7bfd35b9e39153071e795aa131bbb11b4f86231124bbc749dd0032e65687a2ba1b5262dab619f9350631a8426b330529b5f976451cf3b06177326396
-
SSDEEP
3072:qix5XnHSNwVR6vW6nNQAUrTrogAaU/eTQyBnykmNsNl0viuxzO/T5ukA:qiTXuKUn2X5A2tyfDvCI
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-