General
-
Target
d262a53708e0128ff0db1484f4a50512_JaffaCakes118
-
Size
36KB
-
Sample
241207-pc89qaxldn
-
MD5
d262a53708e0128ff0db1484f4a50512
-
SHA1
fd347128d61997574adbaef7b5c4eff854c3d8e5
-
SHA256
882fcd73faf4bf54aca2b8f30333d4cf8e6e643664ae1dd994938ee6c1b8e810
-
SHA512
d4efae4ba6b07dca054521d44cec346f7cc3d6f7da48bf50cdd5c2e60459017e1bcda393e9fb11adba2050bd35dbd34d32fe3b1b7e770ea762a59abcc230e54d
-
SSDEEP
768:H1xwbYGCv4nuEcJpQK4TQbtKvXwXgA9lJJea+yGCJQqeWnAEv26S7DR:nwbYP4nuEApQK4TQbtY2gA9DX+ytBOd
Static task
static1
Behavioral task
behavioral1
Sample
d262a53708e0128ff0db1484f4a50512_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d262a53708e0128ff0db1484f4a50512_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
d262a53708e0128ff0db1484f4a50512_JaffaCakes118
-
Score
10/10
-
Sakula family
-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1