General
-
Target
e3ac086e05519d02d084b21de51612ba_JaffaCakes118
-
Size
740KB
-
Sample
241211-3eygwswrdl
-
MD5
e3ac086e05519d02d084b21de51612ba
-
SHA1
db22753a6d45ad3f7643be0bb3deefe088bfc976
-
SHA256
93ebe4ba70b2d0b1d256d395fcc1bdca173ac7c1840bf92baaa5daf3f905c89f
-
SHA512
ef8c9b8029893e23afe72b36bb836045f66ddb4881e6555a0dfce5f3fe093bc051c9df360d923fc0100b07ac5764210298dab9deaf83e677bfee6c8ea41cee48
-
SSDEEP
12288:XMMz37ac3XEDhkx9vFD5PJ8FSwq0TqvG7V1UnjrsaWgz/Hdsaeh3x:XZz37acHENkjvvPqFSwq0TquR1YAaWG2
Static task
static1
Behavioral task
behavioral1
Sample
e3ac086e05519d02d084b21de51612ba_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
e3ac086e05519d02d084b21de51612ba_JaffaCakes118
-
Darkcomet family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-