General
Target
3799833548a3e8bdd526ae0ed3398913_JaffaCakes118
Size
165KB
Sample
241012-axxdbsxcmk
MD5
3799833548a3e8bdd526ae0ed3398913
SHA1
2ef660ea22a7e134196b464c9bddffd6b0d2b045
SHA256
6dae0159d5da508bf4fadc7a19fba5d13d3494d75db63713ac54fc0c31b09d6e
SHA512
3297bea07f15ebae219e913a94c425bac4bf6c6539f03c3597f9a8b6f16c5d629c5bf879e35356e131aa0311179d4a58fe5d8a150f03d90e9f22c9257b8209d2
SSDEEP
3072:FUCyJ/p6r/INNEfINdo4OpqkjdrfRL9OcEG7O8HVbdnj36vY058siwx5J:KCHfIM4Opb7klkbC5Dis
Behavioral task
behavioral1
Sample
3799833548a3e8bdd526ae0ed3398913_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
3799833548a3e8bdd526ae0ed3398913_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
3799833548a3e8bdd526ae0ed3398913_JaffaCakes118
Score
10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Drops startup file
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Scheduled Task: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Scheduled Task: 1