General
-
Target
2defd4fc35b6e5d9a8b926af9aa3b74e_JaffaCakes118
-
Size
4.0MB
-
Sample
241009-kd3fcatapb
-
MD5
2defd4fc35b6e5d9a8b926af9aa3b74e
-
SHA1
f705a3243b199fcbbbed79ff32bb704c52e05b2d
-
SHA256
5dfcdab043ff09cab175f977444a871f1b5be457f665518e0f24194f74ff3927
-
SHA512
14d001b080c58f08541e0b7003bfa7df3eff624deda253da4e3aa0c2a8e35cf5349f388881778289185351ecbda868ff98702e323cc9fd85315bc218340c6f07
-
SSDEEP
24576:DF9mrnE2Z1y/6oTNBZrBEu8C7jnIQCwRO/wTGS5DBMY1:DD2Z1qT3Zz888QCwRO/wT/aY1
Behavioral task
behavioral1
Sample
2defd4fc35b6e5d9a8b926af9aa3b74e_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2defd4fc35b6e5d9a8b926af9aa3b74e_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
2defd4fc35b6e5d9a8b926af9aa3b74e_JaffaCakes118
-
Size
4.0MB
-
MD5
2defd4fc35b6e5d9a8b926af9aa3b74e
-
SHA1
f705a3243b199fcbbbed79ff32bb704c52e05b2d
-
SHA256
5dfcdab043ff09cab175f977444a871f1b5be457f665518e0f24194f74ff3927
-
SHA512
14d001b080c58f08541e0b7003bfa7df3eff624deda253da4e3aa0c2a8e35cf5349f388881778289185351ecbda868ff98702e323cc9fd85315bc218340c6f07
-
SSDEEP
24576:DF9mrnE2Z1y/6oTNBZrBEu8C7jnIQCwRO/wTGS5DBMY1:DD2Z1qT3Zz888QCwRO/wT/aY1
Score10/10-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1