General
-
Target
03c61e22a3cef3427944a5c91f7de5f5_JaffaCakes118
-
Size
664KB
-
Sample
240427-2fxfjsaa56
-
MD5
03c61e22a3cef3427944a5c91f7de5f5
-
SHA1
1e4697a5f614f0f137d14298cb6e9d001b5c888f
-
SHA256
85b75e7e700a41a2c93da268868a5ad55dbc3808f8fec58dfbe410b50352e02f
-
SHA512
81d760c404022924f367e19b349aea973b671b9ed00bb79202a665719755fe1cbc33244d951ac2e73befe66a174482ec9a73446131936e96cabb5fd34bdd0b58
-
SSDEEP
12288:YTf5y14kK0RuPZf1HW9Yui4IRYK2VO0X9bDIFVhB0ZJE+Xhs165:Wf5yCkqZf129YupJ9O0X9b0FVDqEcC1G
Static task
static1
Behavioral task
behavioral1
Sample
03c61e22a3cef3427944a5c91f7de5f5_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
03c61e22a3cef3427944a5c91f7de5f5_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
03c61e22a3cef3427944a5c91f7de5f5_JaffaCakes118
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-