General
-
Target
83ad17a4797b7df95e8651f6b54f7e9b_JaffaCakes118
-
Size
458KB
-
Sample
241031-z3tbasvpbp
-
MD5
83ad17a4797b7df95e8651f6b54f7e9b
-
SHA1
8437599907142b630bc37dffcafd40bc966233a5
-
SHA256
4ba1c62692439f9abe1b64b9b3d61d267b0cb364dc7763c8773a886772601123
-
SHA512
3e62923ebff33c9cbf31b137fe1e286c15b5c2c0b6b546ca6a57b11e270b4c0e6059d5babc1b07cddc889b1eda91350bf556cf3c951c01e197e5611a0500a0c8
-
SSDEEP
12288:eMmvF3ocOkhQQJi0zaVAw4IAZw6sHpQ8LaYZLeMm:e/N3oghn8Aw41FsHpDaYZLeMm
Behavioral task
behavioral1
Sample
83ad17a4797b7df95e8651f6b54f7e9b_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
83ad17a4797b7df95e8651f6b54f7e9b_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
83ad17a4797b7df95e8651f6b54f7e9b_JaffaCakes118
-
Score
8/10
-
Adds policy Run key to start application
-
Drops file in Drivers directory
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-