General
Target: 53b5d7d186c6efd50f5108b7ee3a4f88_JaffaCakes118
Size: 142KB
Sample: 241017-ztqh2swdmg
MD5: 53b5d7d186c6efd50f5108b7ee3a4f88
SHA1: b5db1425c957c2e4bbc2ab95a6286bb26271c0ed
SHA256: 80b7777fed262a71f69254a339f2622f72cf2804d2bbaedc59f5d9e81f5826af
SHA512: 67591a22aa78c63abadfc3f40132234545754c7f3af83636f300bc181422d933c37811756bf60c7fdb7730ba8c91600fa806d3624c1031334c53a1c668139a66
SSDEEP: 3072:gLk395hYXJVyc77e2/VguhT5LaLg+hMv+uVn/66mYMCpGmGhMfxeTi:gQqXy+7NxhTv+7uRmv2KCpGi
Static task: static1
Behavioral task: behavioral1
Sample: 53b5d7d186c6efd50f5108b7ee3a4f88_JaffaCakes118.exe
Resource: win7-20240708-en
Malware Config
Targets
-
Detect Blackmoon payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-