General
-
Target
2626e3ceb0a5959eb1a4eafe724234ad_JaffaCakes118
-
Size
769KB
-
Sample
240704-zj88eazgjh
-
MD5
2626e3ceb0a5959eb1a4eafe724234ad
-
SHA1
60410283e2430c9667e2d3c58da0f94ed4dd9bb3
-
SHA256
7c3b108ec6887eea992b1883c8640a8f42aa5826eeceb3336982b879ed350077
-
SHA512
022434bdc0b4c039d4cdd11da7d8a14ad9612d13f22f4ded3e5191f0734421cb052e9c7f16434b229cacad6133b5ba397e6c5e08c1bb285f02e78c8327c20ac5
-
SSDEEP
12288:g72bnuJ2372bnuJ2K72bnuJ2372bnuJ24D:g72zV72zQ72zV72zO
Static task
static1
Behavioral task
behavioral1
Sample
2626e3ceb0a5959eb1a4eafe724234ad_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2626e3ceb0a5959eb1a4eafe724234ad_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
Target
2626e3ceb0a5959eb1a4eafe724234ad_JaffaCakes118
Score
10/10
-
Modifies visibility of file extensions in Explorer
-
Modifies visibility of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Impair Defenses: Safe Mode Boot
-
Loads dropped DLL
-
Adds Run key to start application
-