General
-
Target
815566cfa896c06cff241371523c4acd_JaffaCakes118
-
Size
10.1MB
-
Sample
241031-dg9khaycrp
-
MD5
815566cfa896c06cff241371523c4acd
-
SHA1
a0d3e1319f3790fea994396a5701b1b1b3c31239
-
SHA256
67cc8e079c9f46aaa2c174288ca62ff8c2b790fd4168f816be736ef972a45816
-
SHA512
1c34bdc22dbc21a1501940c5171128a6f77e66fb78aebf5ec3fd9c0316bc07ede9d0b7989fdfd58278c910f74d5acac2d0f3e7f1ed0cc483c94c0eca78bfc70b
-
SSDEEP
196608:cmbZsMDGwfXB1MuUEMP4gGgeBGDF+KSwstsNOxsx54GTv3piOMHrIppUrqbr/WLc:jbXSwfoEMP4AeBKF+KSwstfxBsd1qvQx
Static task
static1
Behavioral task
behavioral1
Sample
815566cfa896c06cff241371523c4acd_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
815566cfa896c06cff241371523c4acd_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
815566cfa896c06cff241371523c4acd_JaffaCakes118
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Legitimate hosting services abused for malware hosting/C2
-