General
Target: 21114d8c1692a12db2394276106bc665_JaffaCakes118
Size: 655KB
Sample: 241008-mkptyasgqk
MD5: 21114d8c1692a12db2394276106bc665
SHA1: 0df10aaeb0d1a04bbf3c898aba1e248243c97c72
SHA256: 6a52071981858c924d7ef138623368f6736fe09b30099deb3d05ecf33d454262
SHA512: 4b2ac1018a6cde01ac0483f16b6dda27a5ce52024da2cd32ed13dc54993a358f4f27d2161a2c037d7174bc32e905731421ab91dc871c4b7cea7b8568ba6fa9ca
SSDEEP: 12288:LczJJhqrVPllvKspPTEGWGqWKNiTic4RVavZqpXwuCRXM+:LczJKVdDEGzqWTec4RcZqXfCdn
Static task: static1
Behavioral task: behavioral1
Sample: 21114d8c1692a12db2394276106bc665_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 21114d8c1692a12db2394276106bc665_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 21114d8c1692a12db2394276106bc665_JaffaCakes118
- Possible privilege escalation attempt
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
- Drops file in System32 directory