General
-
Target
becd1c2216150597422b7d682372cbb2_JaffaCakes118
-
Size
35KB
-
Sample
240824-rx7yhawfnp
-
MD5
becd1c2216150597422b7d682372cbb2
-
SHA1
47e3bf0a73baf7127cbc50db7c4699cb519dd63b
-
SHA256
94091b8dc3362d5564b4e84aaeb3bb326b1c30877bd582f17dbb82fd14c1f4eb
-
SHA512
2ce02c5eb0c757ab5ada923bb35d2cf9dc16e1ef2604c72caef387e2cd4bf0a6501459b5c3a725cc53becd9edf654a59291c6cff9ddb6bb965376ccea1e3e893
-
SSDEEP
768:TwbYGCv4nuEcJpQK4TQbtKvXwXgA9lJJea+yGCJQqeWnAEv2647DG:TwbYP4nuEApQK4TQbtY2gA9DX+ytBOs
Static task
static1
Behavioral task
behavioral1
Sample
becd1c2216150597422b7d682372cbb2_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
becd1c2216150597422b7d682372cbb2_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
becd1c2216150597422b7d682372cbb2_JaffaCakes118
-
Size
35KB
-
MD5
becd1c2216150597422b7d682372cbb2
-
SHA1
47e3bf0a73baf7127cbc50db7c4699cb519dd63b
-
SHA256
94091b8dc3362d5564b4e84aaeb3bb326b1c30877bd582f17dbb82fd14c1f4eb
-
SHA512
2ce02c5eb0c757ab5ada923bb35d2cf9dc16e1ef2604c72caef387e2cd4bf0a6501459b5c3a725cc53becd9edf654a59291c6cff9ddb6bb965376ccea1e3e893
-
SSDEEP
768:TwbYGCv4nuEcJpQK4TQbtKvXwXgA9lJJea+yGCJQqeWnAEv2647DG:TwbYP4nuEApQK4TQbtY2gA9DX+ytBOs
Score10/10-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1