General
-
Target
e97eed9881c697283855251ac5b6cb0c_JaffaCakes118
-
Size
3.3MB
-
Sample
240409-jlyaxshh39
-
MD5
e97eed9881c697283855251ac5b6cb0c
-
SHA1
4bf0c7d1dd45ee2c5f240cc8988031200f631217
-
SHA256
be995bb944648d74b6b28c0712cd6f4456163881b05dcd19b775a4b798cfe3c5
-
SHA512
a03b8562bd7864717a23be98c5a98592af00e36cc390fdb6c7ced0fcef9ee6c640d4fe29519ad00c12ac9e4ee66d973038e4c0f0acc882b252def2e6018783c0
-
SSDEEP
98304:ezC3MYlGTnRVWqH4SatiAvCtt46kaGHPqnrJvQsR:ezC3MY+nRVWk4SatiAvJLyrdQ
Behavioral task
behavioral1
Sample
e97eed9881c697283855251ac5b6cb0c_JaffaCakes118.exe
Resource
win7-20240215-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-