General
-
Target
65bc8a4025ccdee879c5f2f53b2aeba8_JaffaCakes118
-
Size
673KB
-
Sample
240522-c7rxpshg69
-
MD5
65bc8a4025ccdee879c5f2f53b2aeba8
-
SHA1
a3147dfa88428d6c081b028eff857a3609ade200
-
SHA256
053f3443d6512b66e0331f874c71e0988d7510971651c8998e4064f096b34efc
-
SHA512
d231d4310c71481d5ae24dd5131a9f4334d2e1cbb353f2f1372bd382b8418ec8aba24b768db72c98086e0bba02c6b91de8571b7f2afa868aaf68850be9dc4cc6
-
SSDEEP
12288:q5v8XvqRrYvhPi7cTqoRKHgGYcveMTv7AqeLDDuu9YMVFca6a:Cv8XCH7uqHgGY4e0QDD9YMV2a6a
Static task
static1
Behavioral task
behavioral1
Sample
65bc8a4025ccdee879c5f2f53b2aeba8_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
65bc8a4025ccdee879c5f2f53b2aeba8_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
65bc8a4025ccdee879c5f2f53b2aeba8_JaffaCakes118
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-