General
Target: 0dcf6b80de9636e9f2d58825842404ee_JaffaCakes118
Size: 704KB
Sample: 241003-ej5j1atcnl
MD5: 0dcf6b80de9636e9f2d58825842404ee
SHA1: 56197059d0319560d256b067a90b01131cd44733
SHA256: 8d6e783c42531ba3a8c823293d399c08f0ef07c007213f40f253aea1ddfc7dfe
SHA512: 91bf4a8336420555d31bbd94c079f56575386c2a9659956def2be780c06ba6eb8b04a447c9109d739b081be0fd37248a077ac6381d05af0b54d393053d25a996
SSDEEP: 12288:YKHp9fDIItMm2o44sGTdBqWvwD+8ChCbW3XTjY1r1RtH8ePhAU5u0AhpZxAhkg1:YorLkbDEhyW3XS1RtcePKUBATZx81
Behavioral task: behavioral1
Sample: 0dcf6b80de9636e9f2d58825842404ee_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 0dcf6b80de9636e9f2d58825842404ee_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 0dcf6b80de9636e9f2d58825842404ee_JaffaCakes118
Score: 10/10

FlawedAmmyy RAT
Remote-access trojan based on leaked code for the Ammyy remote admin software.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.