General
-
Target
8425e1521a6a46a5160c248094846d2c_JaffaCakes118
-
Size
663KB
-
Sample
240530-n471asgd41
-
MD5
8425e1521a6a46a5160c248094846d2c
-
SHA1
617a55cc42c4572e7306d340ee56cff9e907fab4
-
SHA256
1229eac4f652b19638514d8c7538d7be8ce3d2c0dd23b7e25153353e5a547a10
-
SHA512
49301d6d4cd5d68650e1174d3fcc6180ff1b01f0964ac9647ec3b30218b9b98a354a0b9bc22742025e647d360be9b721aeccef102565ac801c4c655e2276f71e
-
SSDEEP
12288:sJawVBPRujnSgh24w7H33h68YA6hdWc+Q8rNf2pz5LyRkv6+:0awVx7c2ZT3h6g6Gdu5LMkv6+
Static task
static1
Behavioral task
behavioral1
Sample
8425e1521a6a46a5160c248094846d2c_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8425e1521a6a46a5160c248094846d2c_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
8425e1521a6a46a5160c248094846d2c_JaffaCakes118
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-