General
Target: ff2b44271e9fc1445eed772127711c2c_JaffaCakes118
Size: 510KB
Sample: 241219-kh2plsxnel
MD5: ff2b44271e9fc1445eed772127711c2c
SHA1: 021f59e4188045c81865b5cfe39aef317ba16254
SHA256: 57c9cd06c2af5592ce38d3246112878ca76ca875e91cb90f569cfdfe303428f5
SHA512: 44ad99cb4419b7aa7bf28d9d1ca3178935e66ab7a10cda835ffeace8a4ea550dbba5ad684d7a8b487c1cde313f1d58a7ff055259812d9f1d5764e75943f36ba1
SSDEEP: 12288:j/fCEOMsm8nc3qWQ8wqKhb43nLl5tDrXlFV:j/D0caF8wvhb43pDbV
Behavioral task: behavioral1
Sample: ff2b44271e9fc1445eed772127711c2c_JaffaCakes118.exe
Resource: win7-20240903-en
Malware Config
Extracted
urelas
1.234.83.146
133.242.129.155
218.54.31.226
218.54.30.235
218.54.31.165
Targets
Target: ff2b44271e9fc1445eed772127711c2c_JaffaCakes118
Urelas family
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Executes dropped EXE
Loads dropped DLL