General
-
Target
ea48ee45da1f5a95f28d78f1d1138b40_JaffaCakes118
-
Size
2.5MB
-
Sample
240409-snkmaadh4v
-
MD5
ea48ee45da1f5a95f28d78f1d1138b40
-
SHA1
2f918782735b6231a3de7825d54266460bb6c68c
-
SHA256
693c0903fa5d55b26a0e21f4e876137cfff012e1dabc8ab1ecbf4223802f4f22
-
SHA512
e1c1c323579ca8f6ceba29c77281c7867db3db306da6dcd4be70edd528e49e23acaf8005ad03285395110dde06c6518e385add7a8bdd4cee5b9728a24604888b
-
SSDEEP
49152:6Q/KV6/m1eTl2gbzBmsMjAtrzhAZ6U3wN02cPxyhImAO+:Nm/eTlBzBnMjsrzh9Wk02cZyhZg
Behavioral task
behavioral1
Sample
ea48ee45da1f5a95f28d78f1d1138b40_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
-
Target
ea48ee45da1f5a95f28d78f1d1138b40_JaffaCakes118
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-