General
-
Target
2619f1bcec24666f7ba94f5077474d88_JaffaCakes118
-
Size
350KB
-
Sample
240704-ywswhsyfpa
-
MD5
2619f1bcec24666f7ba94f5077474d88
-
SHA1
f1596187510b18584d56c8f9f861cb87f62fe0fe
-
SHA256
30bc4b2410e5caa5cd4675c884e2010eab617f4860bddf0959d62d620d62025f
-
SHA512
252e70ae912b61528cd0904d8974e6a33b69de05c423e532d76c5c6679f970c1a2eab8b7978f46b415746ec0fa1306e689c66ce28df77e662f7206960c15c37f
-
SSDEEP
6144:gDCwfG1bnxLERR9sadDCwfG1bnxLERR9sat:g72bntEL9/d72bntEL9/t
Static task
static1
Behavioral task
behavioral1
Sample
2619f1bcec24666f7ba94f5077474d88_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2619f1bcec24666f7ba94f5077474d88_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
2619f1bcec24666f7ba94f5077474d88_JaffaCakes118
-
Score
10/10
-
Modifies visibility of file extensions in Explorer
-
Modifies visibility of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Impair Defenses: Safe Mode Boot
-
Loads dropped DLL
-
Adds Run key to start application
-