General
-
Target
JaffaCakes118_d00acf4b571383eb48cb7a06b8bc8d85
-
Size
2.7MB
-
Sample
250422-26rb8azxhy
-
MD5
d00acf4b571383eb48cb7a06b8bc8d85
-
SHA1
224047bc05d03d6f9f5154e2eb293a8453b7c576
-
SHA256
8705f1cd2755aa9ad15afacba9ddb6d25cc7398bf53e9ed7edb51c6f7e527bbe
-
SHA512
25f0323b473da62a7c4378ad07b879b5325aaded453481a1d6ed41260a001935ff2ab48ecb443fc363e56887686004d5f323daaa068dd78d0e9313e70bea6da0
-
SSDEEP
49152:1AJYJOsBs2vL52JmKkD/ixmIusQwxYnt/oEmgOOjj6MJiWqiPpHEt01aPBL4DRJ/:GJYJrK2vL52J+D/igIujsYtg3gOOjj6A
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_d00acf4b571383eb48cb7a06b8bc8d85.exe
Resource
win10v2004-20250314-en
Behavioral task
behavioral2
Sample
JaffaCakes118_d00acf4b571383eb48cb7a06b8bc8d85.exe
Resource
win11-20250410-en
Malware Config
Targets
-
-
Target
JaffaCakes118_d00acf4b571383eb48cb7a06b8bc8d85
-
Size
2.7MB
-
MD5
d00acf4b571383eb48cb7a06b8bc8d85
-
SHA1
224047bc05d03d6f9f5154e2eb293a8453b7c576
-
SHA256
8705f1cd2755aa9ad15afacba9ddb6d25cc7398bf53e9ed7edb51c6f7e527bbe
-
SHA512
25f0323b473da62a7c4378ad07b879b5325aaded453481a1d6ed41260a001935ff2ab48ecb443fc363e56887686004d5f323daaa068dd78d0e9313e70bea6da0
-
SSDEEP
49152:1AJYJOsBs2vL52JmKkD/ixmIusQwxYnt/oEmgOOjj6MJiWqiPpHEt01aPBL4DRJ/:GJYJrK2vL52J+D/igIujsYtg3gOOjj6A
-
Disables service(s)
-
Rms family
-
Indicator Removal: Network Share Connection Removal
Adversaries may remove share connections that are no longer useful in order to clean up traces of their operation.
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v16
Execution
Command and Scripting Interpreter
1JavaScript
1System Services
1Service Execution
1Persistence
Create or Modify System Process
2Windows Service
2Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
2Windows Service
2Event Triggered Execution
1Netsh Helper DLL
1Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Impair Defenses
1Disable or Modify System Firewall
1Indicator Removal
1Network Share Connection Removal
1Modify Registry
1