General
-
Target
d4bee2f5a634f3b857869f6f64ee0ad7_JaffaCakes118
-
Size
403KB
-
Sample
241208-cl3r3swqfv
-
MD5
d4bee2f5a634f3b857869f6f64ee0ad7
-
SHA1
2d4cda955bc6bbba8809603cb77b67f8f52f240d
-
SHA256
b97ecb6f21b036150b573f4fb698203f466830476e861b78ebdfc3783237eed5
-
SHA512
3348620d03d5d84c27c0df3fbbe0f7e9f273430b1cfff5141116fcaef94e33b40ff26f22421cb9172ca69d4a87d913be62b1057f5ba3712709ac51f991a49c61
-
SSDEEP
12288:ybxmzF9k0IZvQu85iGFoVs4ts/IHPCY35hh:ye3Lt5J2Xts/GqY3l
Static task
static1
Behavioral task
behavioral1
Sample
d4bee2f5a634f3b857869f6f64ee0ad7_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
d4bee2f5a634f3b857869f6f64ee0ad7_JaffaCakes118
-
Darkcomet family
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-