General
-
Target
eddea1e0d3c3fdcc83b07f859afff744_JaffaCakes118
-
Size
4.0MB
-
Sample
240411-t24gzsag5y
-
MD5
eddea1e0d3c3fdcc83b07f859afff744
-
SHA1
ffdaa31c7f2d2a508fc5e8e0e36dbe46a868b09b
-
SHA256
7743b1f44f0043409fb4791091fefb35ee539313501bc49b99d1d2b9f6d28e73
-
SHA512
f87b7ce95ba1572d4b09935037fdc55a4a3018baa66c343cc9b08f151e48f70d35958a71dab75468b211d916c01bb67979c477e285a20c868afb36d7fc88e109
-
SSDEEP
98304:JF1HWX2L7CiI4DrzxJi+GZ81J+JYdfioZ:b1Hg6IeHrrJ+M
Behavioral task
behavioral1
Sample
eddea1e0d3c3fdcc83b07f859afff744_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
eddea1e0d3c3fdcc83b07f859afff744_JaffaCakes118
-
Size
4.0MB
-
MD5
eddea1e0d3c3fdcc83b07f859afff744
-
SHA1
ffdaa31c7f2d2a508fc5e8e0e36dbe46a868b09b
-
SHA256
7743b1f44f0043409fb4791091fefb35ee539313501bc49b99d1d2b9f6d28e73
-
SHA512
f87b7ce95ba1572d4b09935037fdc55a4a3018baa66c343cc9b08f151e48f70d35958a71dab75468b211d916c01bb67979c477e285a20c868afb36d7fc88e109
-
SSDEEP
98304:JF1HWX2L7CiI4DrzxJi+GZ81J+JYdfioZ:b1Hg6IeHrrJ+M
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-