General
-
Target
e5b52ad58c43973146e8e42f69408687_JaffaCakes118
-
Size
43KB
-
Sample
240407-ydpfdach96
-
MD5
e5b52ad58c43973146e8e42f69408687
-
SHA1
47abee153264ce6b4ef08a1297de58309be32d3f
-
SHA256
c0a2985f65607f4e3ca7a40e458c3bc222b0766e6deb719198020573e5e94c15
-
SHA512
49265ede053c39efd3dc83116a3636addb862044a549e52c35e7fff132d252181facf93cf28da33bbfea361d5023c093050a1f37db7c0997bd12782bab7b6439
-
SSDEEP
768:a78ziTtgpWKaERWQXhhZ9046fxqJBNrE6thD3tSiL1ha0vGjJa:upJgVXhhufxqJBtECAi5E0v0a
Static task
static1
Behavioral task
behavioral1
Sample
e5b52ad58c43973146e8e42f69408687_JaffaCakes118.exe
Resource
win7-20240215-en
Malware Config
Targets
-
-
Target
e5b52ad58c43973146e8e42f69408687_JaffaCakes118
-
Size
43KB
-
MD5
e5b52ad58c43973146e8e42f69408687
-
SHA1
47abee153264ce6b4ef08a1297de58309be32d3f
-
SHA256
c0a2985f65607f4e3ca7a40e458c3bc222b0766e6deb719198020573e5e94c15
-
SHA512
49265ede053c39efd3dc83116a3636addb862044a549e52c35e7fff132d252181facf93cf28da33bbfea361d5023c093050a1f37db7c0997bd12782bab7b6439
-
SSDEEP
768:a78ziTtgpWKaERWQXhhZ9046fxqJBNrE6thD3tSiL1ha0vGjJa:upJgVXhhufxqJBtECAi5E0v0a
-
Looks for VirtualBox Guest Additions in registry
-
Looks for VMWare Tools registry key
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-