General
-
Target
89515f74c1d8c23eb21ba68d9e4e819e_JaffaCakes118
-
Size
500KB
-
Sample
240601-ephx7aaa24
-
MD5
89515f74c1d8c23eb21ba68d9e4e819e
-
SHA1
103fef070251b74736d033a9b18f7aed01b8097f
-
SHA256
131ba2d94b368a5bcde967fd1188fa4b469dd0ffcde1e2bf94d8989e62c28a5f
-
SHA512
cd0a2758eaa7d9b74d812c836d977baf9b1736c51324f0d491130a8630a7808413793a7bdcef4d7453bff7a3548bc8cfa1e37bcc8cea2cae508d5f206cac47fc
-
SSDEEP
6144:n5DK99xOtO8XMLOjyfdGdQK36OP9KEzmIr3JgYhCOPoKuRbdz5C241cOInPfnGfP:n5Dc3x8XPjy07n1C4uASOIP/s3
Static task
static1
Behavioral task
behavioral1
Sample
89515f74c1d8c23eb21ba68d9e4e819e_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
89515f74c1d8c23eb21ba68d9e4e819e_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Target
89515f74c1d8c23eb21ba68d9e4e819e_JaffaCakes118
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-