General
-
Target
6d66632634e281b46fc5976cde70d7f7_JaffaCakes118
-
Size
604KB
-
Sample
240524-fk9e1sec2z
-
MD5
6d66632634e281b46fc5976cde70d7f7
-
SHA1
c225a15fb3095cfc6b8f36f724346fba5c342ada
-
SHA256
130a4b36b97cbc42e2064100f8af7e2b6d0ff951fd4206f7009122e9af5b5fc7
-
SHA512
705e4281cb58a53f91a3ee11a1e1329d19991cb148357244fc9de445b630d3b0a0897a45f1357d5910fed5f0d00576f551e686fa3173d6a6f0b0cc1abcc33aac
-
SSDEEP
12288:y5BFm0cy8N2fRe+bIF/px7EWgyaQaR/AkDL6h:eBFm0coGFha+xaRZDL6h
Static task
static1
Behavioral task
behavioral1
Sample
6d66632634e281b46fc5976cde70d7f7_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
6d66632634e281b46fc5976cde70d7f7_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
6d66632634e281b46fc5976cde70d7f7_JaffaCakes118
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-