General
Target: 3eea2f76ecb488b9d2058e8471d84f12_JaffaCakes118
Size: 532KB
Sample: 240513-lx4cesac28
MD5: 3eea2f76ecb488b9d2058e8471d84f12
SHA1: 3dc3b80b03a2a80fed27036df8f98b151cf37f04
SHA256: 06b40a8a9b2d45d26958c0d0fe7d4607b2e91cc304019f396faf83487e68518b
SHA512: 8e89e0ff3bc3c2d3b51974a102bbaefb79738fb3fecad5feb8ea0b847c64b0619bbffa7217f73e39a2bab9facfb29a2638a9db2c96ef01bf6250d1a299d3b5ac
SSDEEP: 12288:tXf2DMo6GCfdog22HXrFy+344+E9OsDYMbWMKyH/rexOww9gU:tv2DBCVx5y+3RxDYv9UCxOwwKU
Static task: static1
Behavioral task: behavioral1
Sample: 3eea2f76ecb488b9d2058e8471d84f12_JaffaCakes118.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 3eea2f76ecb488b9d2058e8471d84f12_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Score: 9/10
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL