General
-
Target
810f2ad9d52331a896b57da895d16281_JaffaCakes118
-
Size
184KB
-
Sample
241031-b3fhfawgqm
-
MD5
810f2ad9d52331a896b57da895d16281
-
SHA1
4c06a227758facf9d2c3f0576ed6ed1b85d4473c
-
SHA256
77df2e86383a540e1574b10ba94de63eed263722246bd521b298ecc497491d36
-
SHA512
a793cbefc41ff5f088944c04c9c4004addbe1ff97234c68a9d9179035e9756c6def91dae4db906946226ab2b3dffa427bc4d9cda3b65560529bf4800b700865e
-
SSDEEP
3072:2S/FUVwWrIQ9E9pwjzmdfEQ79gfzX551B16lFTTTNhUGCuRFujRYORE:JNRcqWj6lkUFujRU
Static task
static1
Behavioral task
behavioral1
Sample
810f2ad9d52331a896b57da895d16281_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
810f2ad9d52331a896b57da895d16281_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
810f2ad9d52331a896b57da895d16281_JaffaCakes118
Score
8/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Drops file in System32 directory
-