General
Target: 1554ba4da5ebb3f1a3569f76fbcf8fcf_JaffaCakes118
Size: 47KB
Sample: 240627-kekxpathlp
MD5: 1554ba4da5ebb3f1a3569f76fbcf8fcf
SHA1: f41f1adc228d717686f802da4c3cf8e5d7979f64
SHA256: 6f48ee57a66e9beac78c2ee53b9adb57abb0bc42231877a5d73c8a039e35e287
SHA512: ae0abb5dfbbd667dcb11d5c975ebc1f9ec0987e5eacf6036b45e3f6f1ff76ad95e0a877f46242838719b2b91c49049011cc8185c10b4de3877ea9ddc6c7d3041
SSDEEP: 768:23nOcThRrURtoEc2vQ3qJJqMUJBtM2W+NA1RGbI8zWzgmQPhlISITA5JBFN09dLf:2eUCwXSJJABeENnbp6z5SQkHi
Behavioral task: behavioral1
Sample: 1554ba4da5ebb3f1a3569f76fbcf8fcf_JaffaCakes118.exe
Resource: win7-20240508-en

Behavioral task: behavioral2
Sample: 1554ba4da5ebb3f1a3569f76fbcf8fcf_JaffaCakes118.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
Target: 1554ba4da5ebb3f1a3569f76fbcf8fcf_JaffaCakes118
- Possible privilege escalation attempt
- Checks computer location settings. Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
- Adds Run key to start application
- File and Directory Permissions Modification: Windows File and Directory Permissions Modification