General
-
Target
1a16af0922dd982139bf3eac3721480e_JaffaCakes118
-
Size
660KB
-
Sample
240628-pgvbcsyfqc
-
MD5
1a16af0922dd982139bf3eac3721480e
-
SHA1
d97bf367d95b3140eec77221311c3806eac9f00d
-
SHA256
64e971ca34fbd907e30392889d8a05e1a7bdccc237d198b3906643761fd3a0c1
-
SHA512
5ad04f5a1512273e4dcdd5df579a3c8be0404c979fa773e504de03cda2b4eb39222eee84cd7751d4b5fad33a1ba40afe2d708c2ab7ecd6e4a9028bbd79b7bdad
-
SSDEEP
12288:QXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuXksh/fy452Us:2nAw2WWeFcfbP9VPSPMTSPL/rWvzq4Jh
Behavioral task
behavioral1
Sample
1a16af0922dd982139bf3eac3721480e_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
1a16af0922dd982139bf3eac3721480e_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
Target
1a16af0922dd982139bf3eac3721480e_JaffaCakes118
-
Score
10/10
-
Modifies WinLogon for persistence
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-