General
-
Target
bb9041487b7d966260d47bd32121f486_JaffaCakes118
-
Size
1.0MB
-
Sample
240618-m18xrazhjb
-
MD5
bb9041487b7d966260d47bd32121f486
-
SHA1
fac43df33eaa4b6f6b26db715d3dee6dc23b0c1a
-
SHA256
b6e05c886b442ab58f3d8210125570a8b195f44e6940c9bc84a317fb5cda7de1
-
SHA512
ac81d2d512906b64b416990c7b687e2efe9ae3e7907ded6296f2b325979b3d9d679565eedf841619fb3415808e084dfcdb1c44aae0545a9db2c7bbf04e715356
-
SSDEEP
12288:nM/VGR9lbM/VGR9lf+YcwRmLMne8tJqU5XfLDycIK0XmCvqUS:M/VGe/VGhV9EkLGc90Pv
Static task
static1
Behavioral task
behavioral1
Sample
bb9041487b7d966260d47bd32121f486_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
bb9041487b7d966260d47bd32121f486_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
bb9041487b7d966260d47bd32121f486_JaffaCakes118
-
Size
1.0MB
-
MD5
bb9041487b7d966260d47bd32121f486
-
SHA1
fac43df33eaa4b6f6b26db715d3dee6dc23b0c1a
-
SHA256
b6e05c886b442ab58f3d8210125570a8b195f44e6940c9bc84a317fb5cda7de1
-
SHA512
ac81d2d512906b64b416990c7b687e2efe9ae3e7907ded6296f2b325979b3d9d679565eedf841619fb3415808e084dfcdb1c44aae0545a9db2c7bbf04e715356
-
SSDEEP
12288:nM/VGR9lbM/VGR9lf+YcwRmLMne8tJqU5XfLDycIK0XmCvqUS:M/VGe/VGhV9EkLGc90Pv
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-