General
-
Target
3ef0260a973ffcda9d03f6cfb07c0341_JaffaCakes118
-
Size
633KB
-
Sample
240513-l2c12aad59
-
MD5
3ef0260a973ffcda9d03f6cfb07c0341
-
SHA1
4e0f0d21fc63198032cc29b53c6a8e23b78cd04a
-
SHA256
827f635b2d00b75484eef39bbb0ff790333fc7782dcc53848506f17e54610106
-
SHA512
c1225bb3323e81702a1b0ac44647a27a984c09df80a590ce8d8cb1873603b67003fc0bd199983cf769824e8f30843d576a25ea149fcf053d7d2a68a647f4ac47
-
SSDEEP
12288:hEN2o2TEYcjYFNQkPFRRwCMc2qT55H5UvpfN4P9LJrAeMe36i9:w2ouFekdwCMBqTLZw3wXrAC36A
Static task
static1
Behavioral task
behavioral1
Sample
3ef0260a973ffcda9d03f6cfb07c0341_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
3ef0260a973ffcda9d03f6cfb07c0341_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Target
3ef0260a973ffcda9d03f6cfb07c0341_JaffaCakes118
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-