General
-
Target
735c795aa8147d489a981c68c9ac6a81_JaffaCakes118
-
Size
664KB
-
Sample
240525-1qd7aabf81
-
MD5
735c795aa8147d489a981c68c9ac6a81
-
SHA1
571e5efcfc0019e0a03a6c9295cf03b29128e135
-
SHA256
100c542bbb0cc9de28db77abe7a1bd0a8dc8693911926bf67fecbd06a3747b57
-
SHA512
01d6a982469cebb0d3e21d1d50ba5f430f64fa4bf942d2f2e5213a35e1215b5093733c76406f213c582c442447974a63c41678b8e40e3b5e37fabf2549d269a8
-
SSDEEP
12288:YTf5y14kK0RuPZf1HW9Yui4IRYK2VO0X9bDIFVhB0ZJE+Xhs169:Wf5yCkqZf129YupJ9O0X9b0FVDqEcC1W
Static task
static1
Behavioral task
behavioral1
Sample
735c795aa8147d489a981c68c9ac6a81_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
735c795aa8147d489a981c68c9ac6a81_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
735c795aa8147d489a981c68c9ac6a81_JaffaCakes118
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-