General
Target: 6512ee54cb87daf804d1d337785c947e_JaffaCakes118
Size: 1.5MB
Sample: 241021-bvtp4atcmj
MD5: 6512ee54cb87daf804d1d337785c947e
SHA1: 6e29351ed23c4b14d731a36c789e08cea5f8eb5e
SHA256: fe2a40f78f2acb54fb1675bbe256de830d9c78ff813818d7335b98ce8b2bb3e6
SHA512: a7725fee1f1a90fe6b0571cf293b028f4128ac5baf62f64cc3b6ba20d7c412437918096c86b005411bb922b42f020c393980965f0ec7c16b000a8e0773da96b7
SSDEEP: 24576:+DWHSb4Nc0yPFtkTb67tzzM9DvVIJV1rliDpL9Dh7qd2P69EuKA+R:t846kKzzKVIJ5+pLTpP699Kn
Static task: static1
Behavioral task: behavioral1
Sample: 6512ee54cb87daf804d1d337785c947e_JaffaCakes118.exe
Resource: win7-20241010-en
Malware Config
Targets
- Detects Echelon Stealer payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 1
Credentials In Files: 1