General
-
Target
1fedb1fbce0fc41feabd5c54164547b5_JaffaCakes118
-
Size
2.2MB
-
Sample
240702-tf86cazfqf
-
MD5
1fedb1fbce0fc41feabd5c54164547b5
-
SHA1
d75001fa1f4ff2a391aef04a5158b803d54798cd
-
SHA256
6e5988c481f6aeb587b13c8ac878c14a14bae316461f02698025e2abc420ee82
-
SHA512
c5c08e202bd212340e581448dbf6d351ce3fd835313bb05e4b6fb344ba4bb47b9a76d8bba2a4a70c4a3fdcc64fd9fa7fc3926d606482d57abdf0c7323f321521
-
SSDEEP
24576:HnHngD0Mmf9IvYzAne5uxTjpB0GsdYksLtXf+PIDmJusil3P+uuxT8FtrkzqaiP2:nse5+vv1afusa32dg7dAxxHy4ehFK
Static task
static1
Behavioral task
behavioral1
Sample
1fedb1fbce0fc41feabd5c54164547b5_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
1fedb1fbce0fc41feabd5c54164547b5_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
latentbot
yeniceriler.zapto.org
Targets
-
-
Target
1fedb1fbce0fc41feabd5c54164547b5_JaffaCakes118
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-