General
-
Target
fda26ab58b66096bdd8f8e1cb79569c7_JaffaCakes118
-
Size
1.9MB
-
Sample
241219-aa8svaymfn
-
MD5
fda26ab58b66096bdd8f8e1cb79569c7
-
SHA1
d581aa899a4379b39eabd7101c1c5dbfc2c20e75
-
SHA256
c9f50f5cecae36801a6af58c4a963677ac841bd906c9610c81a9459aa4fea12a
-
SHA512
47e0928bc7cbbf6b06e8b6a7e6167005cda7303d04e600f015fe8c4282202b123726c1fbc4b856a55eceed6d12b02a72b12f31bce3f0956e40bcdf2e97a4d90d
-
SSDEEP
49152:Nn9GKSIFhfZRN9pEtAfzrPi37NzHDA6Y0dsfofPB:XnPN9eczrPi37NzHDA6Y0dsfox
Static task
static1
Behavioral task
behavioral1
Sample
fda26ab58b66096bdd8f8e1cb79569c7_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
fda26ab58b66096bdd8f8e1cb79569c7_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
latentbot
yeniceriler.zapto.org
Targets
-
-
Target
fda26ab58b66096bdd8f8e1cb79569c7_JaffaCakes118
-
Size
1.9MB
-
MD5
fda26ab58b66096bdd8f8e1cb79569c7
-
SHA1
d581aa899a4379b39eabd7101c1c5dbfc2c20e75
-
SHA256
c9f50f5cecae36801a6af58c4a963677ac841bd906c9610c81a9459aa4fea12a
-
SHA512
47e0928bc7cbbf6b06e8b6a7e6167005cda7303d04e600f015fe8c4282202b123726c1fbc4b856a55eceed6d12b02a72b12f31bce3f0956e40bcdf2e97a4d90d
-
SSDEEP
49152:Nn9GKSIFhfZRN9pEtAfzrPi37NzHDA6Y0dsfofPB:XnPN9eczrPi37NzHDA6Y0dsfox
Score10/10-
Latentbot family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-