General
Target: 03c46f93c7c18e7579f97748744f3a8f_JaffaCakes118
Size: 680KB
Sample: 240427-2d8qssac6t
MD5: 03c46f93c7c18e7579f97748744f3a8f
SHA1: 29249e569b0f11a36f09c7a1e5484d39f8572dfe
SHA256: 20ca928146f86d91805396db144de2bce43ddb957535eb54afce73cba37a6177
SHA512: 0e5bbd6b505d15201554bb0f9c11fca82a72e73d560765b2589138dd585d02143128dce7fb76e2171ab97f8ea15c20faa8a93bb41f473c8d6362cb9122eebc3d
SSDEEP: 12288:C82isfaTcM8/kNcHKp3IVHWcjSf4P/cJL5a/5WdU6AmR+6mo:32isfdMqTPwcjSf4P/cJL5a/5FmR+6mo
Static task: static1
Behavioral task: behavioral1
Sample: 03c46f93c7c18e7579f97748744f3a8f_JaffaCakes118.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 03c46f93c7c18e7579f97748744f3a8f_JaffaCakes118.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Target: 03c46f93c7c18e7579f97748744f3a8f_JaffaCakes118
Score: 9/10
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks computer location settings: looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Drops desktop.ini file(s)