General
-
Target
659e5ebdb23ddb46bc2407ed6a083d37_JaffaCakes118
-
Size
675KB
-
Sample
240522-cfc98sha2w
-
MD5
659e5ebdb23ddb46bc2407ed6a083d37
-
SHA1
996670a36d53b48fb79539d3209aeb130f9c0c7a
-
SHA256
151c3a0c404d37b4c9797613c6c83001042da7c1f395a31398c5950700e9f8ed
-
SHA512
f2b797688739ce6cd02c9a18593483252dcabfc449fa82b7fe5f3d137fa135a659558f0947c4372a02b847dd95011d9693dc3d81afa1aa9b83220ede93787667
-
SSDEEP
12288:vNxt2GCQZwqLIMRBeZHaElEZlBiZGXEtdrIsydYSYjXDwiYhT+63o:1xt2n6IQ2aEiriZUEtqr+ljXUiYF+63o
Static task
static1
Behavioral task
behavioral1
Sample
659e5ebdb23ddb46bc2407ed6a083d37_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
659e5ebdb23ddb46bc2407ed6a083d37_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
659e5ebdb23ddb46bc2407ed6a083d37_JaffaCakes118
-
Size
675KB
-
MD5
659e5ebdb23ddb46bc2407ed6a083d37
-
SHA1
996670a36d53b48fb79539d3209aeb130f9c0c7a
-
SHA256
151c3a0c404d37b4c9797613c6c83001042da7c1f395a31398c5950700e9f8ed
-
SHA512
f2b797688739ce6cd02c9a18593483252dcabfc449fa82b7fe5f3d137fa135a659558f0947c4372a02b847dd95011d9693dc3d81afa1aa9b83220ede93787667
-
SSDEEP
12288:vNxt2GCQZwqLIMRBeZHaElEZlBiZGXEtdrIsydYSYjXDwiYhT+63o:1xt2n6IQ2aEiriZUEtqr+ljXUiYF+63o
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-