General
-
Target
76b963f6a91415818746cd23f0708421_JaffaCakes118
-
Size
517KB
-
Sample
240526-y6efwaah61
-
MD5
76b963f6a91415818746cd23f0708421
-
SHA1
e323bcb5dffdca3c545325c47de70ecd0236d9f6
-
SHA256
9c64d44b78b3f9bedd855215b0420ba0b4f0385764ecd7376f18b839c122aa4a
-
SHA512
5b8196366f4a1b637919de1a95a7c8b616a2d0979c60ceb116935cb5d5d5e0908222a9902e5a627d881a765fbba7a98048404461755886f408b133b679b0aea3
-
SSDEEP
12288:AmUqR5z0FOTC1NXIHfpJYlY/Qy5eEG30LC+MCW1qrQpPt/0KuV:AmUqqOTAXIHfpOcQ6JG30L/MCW1yQpiB
Malware Config
Targets
-
-
Target
76b963f6a91415818746cd23f0708421_JaffaCakes118
-
Size
517KB
-
MD5
76b963f6a91415818746cd23f0708421
-
SHA1
e323bcb5dffdca3c545325c47de70ecd0236d9f6
-
SHA256
9c64d44b78b3f9bedd855215b0420ba0b4f0385764ecd7376f18b839c122aa4a
-
SHA512
5b8196366f4a1b637919de1a95a7c8b616a2d0979c60ceb116935cb5d5d5e0908222a9902e5a627d881a765fbba7a98048404461755886f408b133b679b0aea3
-
SSDEEP
12288:AmUqR5z0FOTC1NXIHfpJYlY/Qy5eEG30LC+MCW1qrQpPt/0KuV:AmUqqOTAXIHfpOcQ6JG30L/MCW1yQpiB
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-