General
-
Target
fc4a9c2c74748dfe0fae2ac5bdeda341_JaffaCakes118
-
Size
3.1MB
-
Sample
240420-jt365scf6y
-
MD5
fc4a9c2c74748dfe0fae2ac5bdeda341
-
SHA1
185add6ebd0afcc63d9e4d2570ced3de67da5b60
-
SHA256
d746a7cbfb99ea33a59fdc89392c7d36763f728d2ce2525ee117650605a59a7a
-
SHA512
fc720f2ee49792d1e317de96465843893e3de5b50c95a027d8a0574aef9c9f6c4863b461897d38a23353273abcfc771bd46e47ce97684c16060017a5af4d9b5c
-
SSDEEP
98304:vbYT/ecrd6OjPSSrmRWmrvqUWg8llfY8Kdiz:8TGcd/qZRWmrHUfY80e
Behavioral task
behavioral1
Sample
fc4a9c2c74748dfe0fae2ac5bdeda341_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
fc4a9c2c74748dfe0fae2ac5bdeda341_JaffaCakes118
-
Size
3.1MB
-
MD5
fc4a9c2c74748dfe0fae2ac5bdeda341
-
SHA1
185add6ebd0afcc63d9e4d2570ced3de67da5b60
-
SHA256
d746a7cbfb99ea33a59fdc89392c7d36763f728d2ce2525ee117650605a59a7a
-
SHA512
fc720f2ee49792d1e317de96465843893e3de5b50c95a027d8a0574aef9c9f6c4863b461897d38a23353273abcfc771bd46e47ce97684c16060017a5af4d9b5c
-
SSDEEP
98304:vbYT/ecrd6OjPSSrmRWmrvqUWg8llfY8Kdiz:8TGcd/qZRWmrHUfY80e
-
Detect ZGRat V1
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-