General
-
Target
fdfd30f62f5acfa786fa6c3683483ed0_JaffaCakes118
-
Size
764KB
-
Sample
241219-cel6rasjax
-
MD5
fdfd30f62f5acfa786fa6c3683483ed0
-
SHA1
a18da8343bed1fc3afa2b8a61dbe920adea96008
-
SHA256
b7f66d90407d2c446d179d3e0c224311b7d23c2f2079a9ea038074a016a850d1
-
SHA512
fda68da06dbd7d8ddb4dd45102c2216e0d2bf5e581a975d006ea2e58d3819163a7d29b42f733c1a702f0bff6cef3f6383a16875593aa520d4fab6abfd8c0cacc
-
SSDEEP
12288:Bfbh3edoSdPDze9LBApPsKNoeP313umLcUmyqC+N/jXI0:NR8oYzS12PVaA3LLRHqC+ljX
Behavioral task
behavioral1
Sample
fdfd30f62f5acfa786fa6c3683483ed0_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
fdfd30f62f5acfa786fa6c3683483ed0_JaffaCakes118
-
Darkcomet family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Suspicious use of SetThreadContext
-