General
-
Target
b4c1769130661d0bdfd97da5cdc48dfd_JaffaCakes118
-
Size
678KB
-
Sample
240821-x99whszgnp
-
MD5
b4c1769130661d0bdfd97da5cdc48dfd
-
SHA1
9efbce6293ac36086ad53acf375c5ed1a857f01b
-
SHA256
7bd032519786e19b7da359d254da990a5734298bbea584a42bd7c0713b005a77
-
SHA512
9b04704cc1e0b6625baeae10196d5d63665bec6829291300db59b92b5a67803f452a5e4346b3a5fd39732e7419acf3426aef7898c0039cf577ef08270f8e1f12
-
SSDEEP
12288:a4hUaFty+yr+Ts4e3kmYn0YaAsPko8dhM5wzTrr5v3Q2KWHQR:abaFty+yr+Ts4e3kmYn0YaAsB+M5STru
Static task
static1
Behavioral task
behavioral1
Sample
b4c1769130661d0bdfd97da5cdc48dfd_JaffaCakes118.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
b4c1769130661d0bdfd97da5cdc48dfd_JaffaCakes118.dll
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
b4c1769130661d0bdfd97da5cdc48dfd_JaffaCakes118
-
Size
678KB
-
Score
8/10
-
Server Software Component: Terminal Services DLL
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-