General
-
Target
735fd003e07659caa0546ed1d29eb225_JaffaCakes118
-
Size
683KB
-
Sample
240525-1s7avabg8s
-
MD5
735fd003e07659caa0546ed1d29eb225
-
SHA1
358f653c9276df261005c7d8d2bcda13ac027370
-
SHA256
23537c5e750edbac2914a18ca66cb2de4a05ffe1aa7d5089cd5db7a78d64950c
-
SHA512
70cc04e8db1add2430a304b6560acfc96b73756b6bdd910fdfd368bdecaa5ac31263b0839740db4145419f26ab7ba71da8c118b8dab089dbd4d42a92df166b9d
-
SSDEEP
12288:apI1ozCEXgFQZ5O4GsLUfia4eiTxMovq6WuPCOlf5+V6N:yI1oz7gFGL/Uqbe6x5Ku6Op5+V6N
Static task
static1
Behavioral task
behavioral1
Sample
735fd003e07659caa0546ed1d29eb225_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
735fd003e07659caa0546ed1d29eb225_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
735fd003e07659caa0546ed1d29eb225_JaffaCakes118
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-