General
-
Target
34354adab5f2ecfc1964c4b5c9624353_JaffaCakes118
-
Size
496KB
-
Sample
241014-pfqa1svdmh
-
MD5
34354adab5f2ecfc1964c4b5c9624353
-
SHA1
0f4f20b27380c1ca5dfd1ab5793aec13268eb6b8
-
SHA256
dcf41e4cfdb5e4aca47a4b5ebdb51dd4fe03ec718528afbb2cc12f8b82dbcef2
-
SHA512
4a695ab2317ad73bc6a8fcc698566595e3f18a6cabebfa7d8a0fbfb02ce530acc507b2bc37f4025e2f4651014e7a3af41889dcb7182881945575868f4fb7fb34
-
SSDEEP
12288:GIEmDz+i2xWEeWHiRI7JqF84lLf32cAzcLij:sA2xeFRI7StMjzmi
Static task
static1
Behavioral task
behavioral1
Sample
34354adab5f2ecfc1964c4b5c9624353_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
34354adab5f2ecfc1964c4b5c9624353_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
34354adab5f2ecfc1964c4b5c9624353_JaffaCakes118
-
Size
496KB
-
MD5
34354adab5f2ecfc1964c4b5c9624353
-
SHA1
0f4f20b27380c1ca5dfd1ab5793aec13268eb6b8
-
SHA256
dcf41e4cfdb5e4aca47a4b5ebdb51dd4fe03ec718528afbb2cc12f8b82dbcef2
-
SHA512
4a695ab2317ad73bc6a8fcc698566595e3f18a6cabebfa7d8a0fbfb02ce530acc507b2bc37f4025e2f4651014e7a3af41889dcb7182881945575868f4fb7fb34
-
SSDEEP
12288:GIEmDz+i2xWEeWHiRI7JqF84lLf32cAzcLij:sA2xeFRI7StMjzmi
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Suspicious use of SetThreadContext
-