General
-
Target
1a0494c25535b8afcec320508785e0c7_JaffaCakes118
-
Size
646KB
-
Sample
240628-n2fg9sxhqf
-
MD5
1a0494c25535b8afcec320508785e0c7
-
SHA1
681baf728c857e615ffe9cbe08f1d1c288ccdf3a
-
SHA256
0e8b4487dc2329956cfba875d3db8166136c0e8faedab0735f1af63f724ddfda
-
SHA512
11516919e264f6b06fbedc1aada85cf3ca823c2b99613e31c479c182f6e9db7a2a73db986a744984114a78459c8a0c1be254929e3074e8e6ffbd2fa52a2426f9
-
SSDEEP
12288:A8UaT9XY2siA0bMG09xD7I3Gg8ecgVvfBoCDBOQQYbVXpuy1f/gORixI:5UKoN0bUxgGa/pfBHDb+y1HgZC
Behavioral task
behavioral1
Sample
1a0494c25535b8afcec320508785e0c7_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
1a0494c25535b8afcec320508785e0c7_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
1a0494c25535b8afcec320508785e0c7_JaffaCakes118
-
Score
10/10
-
Modifies WinLogon for persistence
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-