General
-
Target
44ee3154f12827d1273221bb3b62fa69_JaffaCakes118
-
Size
3.2MB
-
Sample
241015-asxhjayamq
-
MD5
44ee3154f12827d1273221bb3b62fa69
-
SHA1
9c25d06cea35b2395808cb7f47517ac53aebd68f
-
SHA256
5952aad5fe80e49a2bf5657aef45442e565f073a3d71eee7777d81ab34cb2214
-
SHA512
9e1de83ce38353f4aae3c6dfd5cd1fa0a959b8691243d2bf791ef63bb397576af224025984db07d3901b852388c82e2a1e70e7ead7e7166dcacb2a5c5101e359
-
SSDEEP
49152:t84/Z7nq6dHRK7mGnJ6m+ODJZQ4HtJzHDu0i0mSN/UjoUXx+ppxXGG4nmAv:tpQER0skDE8tJzHDuImSNmMWJl
Static task
static1
Behavioral task
behavioral1
Sample
44ee3154f12827d1273221bb3b62fa69_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
44ee3154f12827d1273221bb3b62fa69_JaffaCakes118
-
Size
3.2MB
-
MD5
44ee3154f12827d1273221bb3b62fa69
-
SHA1
9c25d06cea35b2395808cb7f47517ac53aebd68f
-
SHA256
5952aad5fe80e49a2bf5657aef45442e565f073a3d71eee7777d81ab34cb2214
-
SHA512
9e1de83ce38353f4aae3c6dfd5cd1fa0a959b8691243d2bf791ef63bb397576af224025984db07d3901b852388c82e2a1e70e7ead7e7166dcacb2a5c5101e359
-
SSDEEP
49152:t84/Z7nq6dHRK7mGnJ6m+ODJZQ4HtJzHDu0i0mSN/UjoUXx+ppxXGG4nmAv:tpQER0skDE8tJzHDuImSNmMWJl
-
Detects Echelon Stealer payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1