General
-
Target
6594045289263121d997a71ef832f1bf_JaffaCakes118
-
Size
638KB
-
Sample
240522-b7271agf61
-
MD5
6594045289263121d997a71ef832f1bf
-
SHA1
e1719742dac067c02799637c2f674d620b301b0d
-
SHA256
1194544f38d8a74b7562dc7613bdd118c8bf9d0cc74941518a3e11552faccb0a
-
SHA512
efaea0ae1b58b12156438d22b95c3858623db5c4cd043c29d3a74bf5deb1bcc4d50b0c3ccb2e7d6053bdafd10ad051deb2420043af260bb0ef8097d8ea83d81f
-
SSDEEP
12288:hmrT/NtMTbIhcvPMLxa8bzzyUoCyhRB2Sjy7Xrxti3rwbX1W38oZ1f6jB3BL:QrT/Nt3AML1XRykdzltqm8r3f6jBp
Static task
static1
Behavioral task
behavioral1
Sample
6594045289263121d997a71ef832f1bf_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
6594045289263121d997a71ef832f1bf_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Target
6594045289263121d997a71ef832f1bf_JaffaCakes118
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-