General
-
Target
425c0de38f64ab7332e89d86c2eb8223_JaffaCakes118
-
Size
516KB
-
Sample
240514-v89g9agc5t
-
MD5
425c0de38f64ab7332e89d86c2eb8223
-
SHA1
878fd1c65ef9151d517ab880154df114c727763f
-
SHA256
366763a5bdc9727e9bf3ab46b35c01d02cbd151ffa29e8da48fbfc0851ebf3a7
-
SHA512
1c6501563cb54dc284c137b1995b769b14f81edb39f35827268c4c8407b09817ee6b9d095676ae36c7129b79ee3a12d227ff44404e4d08481958efd875ce7582
-
SSDEEP
6144:/Kw9ZuL+7TBufhHztxTBIp2ZrPs+JiifYPeyy8JAt3kgURi34wgC1:/Kw9ZuL+7TQfhhcGTs+lYWyp+tcyNZ
Static task
static1
Behavioral task
behavioral1
Sample
425c0de38f64ab7332e89d86c2eb8223_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
425c0de38f64ab7332e89d86c2eb8223_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
425c0de38f64ab7332e89d86c2eb8223_JaffaCakes118
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-