General
Target
63f54a9429e5b4cc3ee7ec94fa7cbf5d_JaffaCakes118
Size
673KB
Sample
240521-tybmssbg7z
MD5
63f54a9429e5b4cc3ee7ec94fa7cbf5d
SHA1
1e7a437eafb1147bfbf4c30ec5afe3f28007c80e
SHA256
06e0dcea0acc8f4e604ee3398de17ad4bddb74e9ed1b99313ce326baaefb390b
SHA512
7dd39256e32c9da234ea0edef59108120ddd0137fe25d2ebda47689ccb523d73fe99ebd2c333aa96098b7f14dba849025b370fe9f2c54fcc5fc9c44a2c6d5a4f
SSDEEP
12288:q5v8XvqRrYvhPi7cTqoRKHgGYcveMTv7AqeLDDuu9YMVFca6C:Cv8XCH7uqHgGY4e0QDD9YMV2a6C
Static task
static1
Behavioral task
behavioral1
Sample
63f54a9429e5b4cc3ee7ec94fa7cbf5d_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
63f54a9429e5b4cc3ee7ec94fa7cbf5d_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
Target
63f54a9429e5b4cc3ee7ec94fa7cbf5d_JaffaCakes118
Score
9/10
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Drops desktop.ini file(s)