General
-
Target
JaffaCakes118_236e27a2224e5480ffb3c2ada9fbae11a4bd7fe3dc4df9cb1e90567bf9132956
-
Size
683.0MB
-
Sample
241224-czgrrsyrfx
-
MD5
d57abd0bc2e3205c55e2c640d067dd9c
-
SHA1
1367417d612289d5b260e5b0db4e8f2d125306b7
-
SHA256
236e27a2224e5480ffb3c2ada9fbae11a4bd7fe3dc4df9cb1e90567bf9132956
-
SHA512
a8c175116cabdf22f6fb356174864fe6d05bf50011d203ee50a426706635b516a6446a2e59f05654c75bfb01e0bba0c829ac0adfb8c8d431a12ca19a9e9ecd92
-
SSDEEP
49152:cSpX9ZhA3oCQy/VanXF3zPq0eiXrhXDZf:cSpXzqoCl/VQV3zPqabhXDJ
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_236e27a2224e5480ffb3c2ada9fbae11a4bd7fe3dc4df9cb1e90567bf9132956.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_236e27a2224e5480ffb3c2ada9fbae11a4bd7fe3dc4df9cb1e90567bf9132956.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
JaffaCakes118_236e27a2224e5480ffb3c2ada9fbae11a4bd7fe3dc4df9cb1e90567bf9132956
-
Size
683.0MB
-
MD5
d57abd0bc2e3205c55e2c640d067dd9c
-
SHA1
1367417d612289d5b260e5b0db4e8f2d125306b7
-
SHA256
236e27a2224e5480ffb3c2ada9fbae11a4bd7fe3dc4df9cb1e90567bf9132956
-
SHA512
a8c175116cabdf22f6fb356174864fe6d05bf50011d203ee50a426706635b516a6446a2e59f05654c75bfb01e0bba0c829ac0adfb8c8d431a12ca19a9e9ecd92
-
SSDEEP
49152:cSpX9ZhA3oCQy/VanXF3zPq0eiXrhXDZf:cSpXzqoCl/VQV3zPqabhXDJ
Score10/10-
NetSupport
NetSupport is a remote access tool sold as a legitimate system administration software.
-
Netsupport family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-