General
Target: 14f204348c8a1092929f8de9140a61fc_JaffaCakes118
Size: 341KB
Sample: 240627-gw7k8swbqg
MD5: 14f204348c8a1092929f8de9140a61fc
SHA1: 2dd400491f442384bad0a653d16a32b4890bfc88
SHA256: 44c4b503e0e057900c9480c6db018d3a4fd36a963bc573ed9cdeffe8d9254d70
SHA512: 49e9769fe5ab587baa8c5ba9c71712fb86b324fd1676057ac87e8009ae9728e672de8c92cd10dd190b39b5de353cfe1186c460ff572f4b53ffa21df1ac44f9fa
SSDEEP: 6144:hFtTlXtdNCMHjDIlqePRJSnteu0tGPJd4Q1FDea7ID5HCFJOZ/FrOFg:BxX7NCAjjePRkouFP8gpfJOZ9a
Static task: static1
Behavioral task: behavioral1
Sample: 14f204348c8a1092929f8de9140a61fc_JaffaCakes118.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 14f204348c8a1092929f8de9140a61fc_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 14f204348c8a1092929f8de9140a61fc_JaffaCakes118
Score: 10/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext