General
-
Target
cce85c20b904b48ecce56f1e969dcf80_JaffaCakes118
-
Size
725KB
-
Sample
240831-qzzt8swfnk
-
MD5
cce85c20b904b48ecce56f1e969dcf80
-
SHA1
1a6d9a342ba4f259b3a14523d139b39c87091bac
-
SHA256
2d1bdf894e558865433c1c8c288887fb9fd0604c0ffc82fe7b623637043c733e
-
SHA512
51e450f60c9c15bb8e2a9497ed735ed94d5451a767bf4659d9adcd650c8a6a52283b6e2b9355e99765ecff62bd6b38cf441c8b65aa97693a82e68ac84b3f0831
-
SSDEEP
6144:8pRY0JvIB0GMJAqgYJ91P4oV9yplVZNynvq8MBryjgJS9RXZkCr/lNHhKM/QQ8:Gtxk0eqz1Pn9ynVSn0B2jOylNHhKi
Static task
static1
Behavioral task
behavioral1
Sample
cce85c20b904b48ecce56f1e969dcf80_JaffaCakes118.exe
Resource
win7-20240705-en
Malware Config
Targets
-
-
Target
cce85c20b904b48ecce56f1e969dcf80_JaffaCakes118
-
Size
725KB
-
MD5
cce85c20b904b48ecce56f1e969dcf80
-
SHA1
1a6d9a342ba4f259b3a14523d139b39c87091bac
-
SHA256
2d1bdf894e558865433c1c8c288887fb9fd0604c0ffc82fe7b623637043c733e
-
SHA512
51e450f60c9c15bb8e2a9497ed735ed94d5451a767bf4659d9adcd650c8a6a52283b6e2b9355e99765ecff62bd6b38cf441c8b65aa97693a82e68ac84b3f0831
-
SSDEEP
6144:8pRY0JvIB0GMJAqgYJ91P4oV9yplVZNynvq8MBryjgJS9RXZkCr/lNHhKM/QQ8:Gtxk0eqz1Pn9ynVSn0B2jOylNHhKi
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-