General
Target: f61a0991e1a2591c39629f8f51954079_JaffaCakes118
Size: 476KB
Sample: 240925-qlb61sxdpm
MD5: f61a0991e1a2591c39629f8f51954079
SHA1: 2081e35f0cdd2411bb7c53b7833e1eb21221bec3
SHA256: dd80ea0d7cab57580251088c44c6fe5759ef696eb1577f8fd21cd9310b5afa1c
SHA512: bac1e6e1621811410d17c915fa92500b6d7926fea95fa4c5db54dbe0dfe743da38851cafbc900b4d51d5cf9ce864ab012f74f7caf055c8876f88a151e16917d1
SSDEEP: 12288:M3nZMhJ+ubNZ7dCtvFjwdr3F9FWuxU+PSkJBYDIl+OqJ+hOye:M3nZqfbxCtvyx3FvWoUiJOIHVh+
Static task: static1
Behavioral task: behavioral1
Sample: f61a0991e1a2591c39629f8f51954079_JaffaCakes118.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: f61a0991e1a2591c39629f8f51954079_JaffaCakes118
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext