General
-
Target
1954f7c5cf2ed21665937051cdb8b9d4_JaffaCakes118
-
Size
330KB
-
Sample
241006-xxjhssvfpd
-
MD5
1954f7c5cf2ed21665937051cdb8b9d4
-
SHA1
37b324eb046260d19fa038b6829a06aa5ae73af8
-
SHA256
b29d4f97b9274450f159bd7e712738814b6643140be3ecb8e37a4c3aaec9354c
-
SHA512
bec30d6156da8b0e04a8831057eeb3d208e4385ee9d917d6c11a46eeac7e2e2b53502b10395e6d295caf5732d62a881d006e6f076e6ce653647eee5f8d57df80
-
SSDEEP
6144:ANuIJXtgwj5YkigHnoAlBKeUHM9V0WGqfiK6vRuTFzHteF2MmH0q/LTgv:AoI13j5YkdBKpHCBLiK+uTFzHteXmvjY
Behavioral task
behavioral1
Sample
1954f7c5cf2ed21665937051cdb8b9d4_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
1954f7c5cf2ed21665937051cdb8b9d4_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
1954f7c5cf2ed21665937051cdb8b9d4_JaffaCakes118
-
Size
330KB
-
MD5
1954f7c5cf2ed21665937051cdb8b9d4
-
SHA1
37b324eb046260d19fa038b6829a06aa5ae73af8
-
SHA256
b29d4f97b9274450f159bd7e712738814b6643140be3ecb8e37a4c3aaec9354c
-
SHA512
bec30d6156da8b0e04a8831057eeb3d208e4385ee9d917d6c11a46eeac7e2e2b53502b10395e6d295caf5732d62a881d006e6f076e6ce653647eee5f8d57df80
-
SSDEEP
6144:ANuIJXtgwj5YkigHnoAlBKeUHM9V0WGqfiK6vRuTFzHteF2MmH0q/LTgv:AoI13j5YkdBKpHCBLiK+uTFzHteXmvjY
Score10/10-
AmmyyAdmin payload
-
FlawedAmmyy RAT
Remote-access trojan based on leaked code for the Ammyy remote admin software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-