General
-
Target
844f1a1a3a5b2f655ceec5503a8f5525_JaffaCakes118
-
Size
531KB
-
Sample
240530-qp8pdsab3z
-
MD5
844f1a1a3a5b2f655ceec5503a8f5525
-
SHA1
d12beac073a6e578ec86131ffc1c49f85c65bd20
-
SHA256
0baf80a1c1f0db17f37a0ff2bf1c196e1a25cb4413e03a4e2593652010727bf4
-
SHA512
ef0ee75b3d7a0d2fa8b847d00f266ff86d23381fcc5ba83616344776bd46bc1379e76dd3091d7c6e1817b4dda7a0f1e648240ba725fa080c25b9e8041e2587a9
-
SSDEEP
12288:cnnxNXTHxigTCQbJUMHON1qAhN/QVIvHipk+cmsW:cnnxhAgTV6MHON1qqNYCP+x3
Static task
static1
Behavioral task
behavioral1
Sample
844f1a1a3a5b2f655ceec5503a8f5525_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
844f1a1a3a5b2f655ceec5503a8f5525_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
844f1a1a3a5b2f655ceec5503a8f5525_JaffaCakes118
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-