General
-
Target
7ff5d683c57321254522e666812a7263_JaffaCakes118
-
Size
40KB
-
Sample
241030-t3cewsxdnh
-
MD5
7ff5d683c57321254522e666812a7263
-
SHA1
ca12cd5afc0edb363b285dc114b716a5a0cc2138
-
SHA256
e6bd8e62589de8b7260f0bd14f65d9d8c09856b21ef9bce091f5cfde40f33ac8
-
SHA512
d321cb7b811802335045a1a644ca804e38181e17d524bfa90f15ba4aed27a78f98eeea7ccbf8fac0b41c166dcce3ce4a8491d9947df4b7057aa4dd2342e23a61
-
SSDEEP
384:LkRwSpE+kp96qtZyB+RNngqPBKjBDWzbHf5d44oxvoc9UFjgiAQkmZrOtU:Y9pE+kpwqPyERNhBk6zlqFofbBf5O6
Static task
static1
Behavioral task
behavioral1
Sample
7ff5d683c57321254522e666812a7263_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
7ff5d683c57321254522e666812a7263_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
7ff5d683c57321254522e666812a7263_JaffaCakes118
-
Size
40KB
-
MD5
7ff5d683c57321254522e666812a7263
-
SHA1
ca12cd5afc0edb363b285dc114b716a5a0cc2138
-
SHA256
e6bd8e62589de8b7260f0bd14f65d9d8c09856b21ef9bce091f5cfde40f33ac8
-
SHA512
d321cb7b811802335045a1a644ca804e38181e17d524bfa90f15ba4aed27a78f98eeea7ccbf8fac0b41c166dcce3ce4a8491d9947df4b7057aa4dd2342e23a61
-
SSDEEP
384:LkRwSpE+kp96qtZyB+RNngqPBKjBDWzbHf5d44oxvoc9UFjgiAQkmZrOtU:Y9pE+kpwqPyERNhBk6zlqFofbBf5O6
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-