General

Target: 8935728efc1f4271b55adbc397bfb339_JaffaCakes118
Size: 697KB
Sample: 240601-dnptnsge22
MD5: 8935728efc1f4271b55adbc397bfb339
SHA1: 9231ab258a2e1f9bd661331feb8947cd3a1eca66
SHA256: 23308ce5469872bfd1ddd0bd02ac920c9f133e7abe40650a49cd441b62b7b1dd
SHA512: b34cd44c460e7d7f484d08d45f3139d97fa664c208b648100daf7bc579610593df9ca248f9b85248157e77c36baec5049ff22a2bfdb3e19563d23f8ed098fac9
SSDEEP: 12288:ZVFRcibCA69e91qov32KG3hpepUdpzFmWXEtt/b+DYTiicHP6v:3FRci69m1zmKmYpiFmSi9uLicHP6v

Static task: static1

Behavioral task: behavioral1
Sample: 8935728efc1f4271b55adbc397bfb339_JaffaCakes118.exe
Resource: win7-20240419-en

Behavioral task: behavioral2
Sample: 8935728efc1f4271b55adbc397bfb339_JaffaCakes118.exe
Resource: win10v2004-20240426-en

Malware Config
Targets

Target: 8935728efc1f4271b55adbc397bfb339_JaffaCakes118
Score: 9/10

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Drops desktop.ini file(s)