General
-
Target
1660787357af48f603acaf97119525bd_JaffaCakes118
-
Size
744KB
-
Sample
240627-r3hksswbrh
-
MD5
1660787357af48f603acaf97119525bd
-
SHA1
2522a2ef048cdf55caf15f92c5192b39b0818dbb
-
SHA256
a893ac99476053412b9babeb140857f437a335ea44fefd2b18752218666d4528
-
SHA512
fdcf7f304049f84f123ebc48eede32fb7e42e24ef7e8f4c1ae5d6144ee694dfb523b7d566825fff5488cb717505727cb8efa99fdc4c89b73c9c1aa48d1b6d973
-
SSDEEP
12288:i8UaT9XY2siA0bMG09xD7I3Gg8ecgVvfBoCDBOQQYbVXpuy1f/gORix:XUKoN0bUxgGa/pfBHDb+y1HgZ
Behavioral task
behavioral1
Sample
1660787357af48f603acaf97119525bd_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1660787357af48f603acaf97119525bd_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
1660787357af48f603acaf97119525bd_JaffaCakes118
-
Score
10/10
-
Modifies WinLogon for persistence
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-