General
-
Target
5c51ce07c20e284ef82ebcf97b0c458c_JaffaCakes118
-
Size
524KB
-
Sample
240520-a3bzksbe78
-
MD5
5c51ce07c20e284ef82ebcf97b0c458c
-
SHA1
056564a02f3649482d2d1bb007b793490ad55f15
-
SHA256
b3950ee318b536bf924274c64121b4bf87a85e2f4888ca91651c905dd02e612f
-
SHA512
89512305aa16d9a0baaefac55032f2343ddb6ea64a01c1b12b6f0b3cc0b7800cdb4e5745de9050308efd4b09f498eadf3529c758d4616be0b28fac9edd33c0bf
-
SSDEEP
12288:8nwOhqtqT4M705kkuR+/z5cvBZdH14RSj2XUjPONNy:8nwPqTDCkkuR+/k7H1Mq2EjPONI
Static task
static1
Behavioral task
behavioral1
Sample
5c51ce07c20e284ef82ebcf97b0c458c_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
5c51ce07c20e284ef82ebcf97b0c458c_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
Target
5c51ce07c20e284ef82ebcf97b0c458c_JaffaCakes118
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-