General
Target: 03c0954cc211afe37bdba2e523ba7e43_JaffaCakes118
Size: 655KB
Sample: 240427-18hx7aab2s
MD5: 03c0954cc211afe37bdba2e523ba7e43
SHA1: 3bcc6f3e3312f1a6ef73df0f901888e9e2a947dd
SHA256: 645d4d4813a9042d9682f830e7453457d62f96b0ec6a135a0a71da8e66a8ce6c
SHA512: e681f62ac0fb6014f2a3d7edcd21a8109eadb894769bbe665ead835e008203ef838684142dfaf45e77e268a363ad8db4d6f0ec04ae7b1832e428cb3dd739a9a3
SSDEEP: 12288:C1heIHTECcwLbmMkSxB2Filn+rKibmeeJC5LOFKGE3KoHKWfw0d7x1+ZR9Xz:4eIfz3ajKZeeJrmKoHu+l0H9Xz
Behavioral task: behavioral1
Sample: 03c0954cc211afe37bdba2e523ba7e43_JaffaCakes118.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 03c0954cc211afe37bdba2e523ba7e43_JaffaCakes118.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Target: 03c0954cc211afe37bdba2e523ba7e43_JaffaCakes118
Score: 9/10
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks computer location settings: looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Drops desktop.ini file(s)