General
-
Target
4cab1d59f6da19b76b72056eefad8d2a_JaffaCakes118
-
Size
237KB
-
Sample
241016-nxaffs1fnm
-
MD5
4cab1d59f6da19b76b72056eefad8d2a
-
SHA1
c41c31195d87c714d15a29f73d8f10bfee20ec59
-
SHA256
91ba7acac297e771f784b4c0fe03bea9364fd896479d04ef789ae88d67189294
-
SHA512
0a0ca258fd57751a0d8385130e833e434a9eb3bb66217a7203aafda6c9dac99cc249110c89cb41266396bb843f97c9720cff2324f0425204724fcd35a7a713e2
-
SSDEEP
3072:K8ASpvo0LKrXEX65ezpxJ2kbJ7mv73E2o/9sY2Z:ZASpvo0LKkRzpxJ2kRqroiZ
Behavioral task
behavioral1
Sample
4cab1d59f6da19b76b72056eefad8d2a_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Extracted
urelas
112.175.88.207
112.175.88.208
Targets
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-