General
-
Target
8996cb3a60b287b59a533ec6415b3cd5_JaffaCakes118
-
Size
627KB
-
Sample
240601-g3gcmace4t
-
MD5
8996cb3a60b287b59a533ec6415b3cd5
-
SHA1
807d5d9c7557a0cac1b77a6bed1ef9c96c939f66
-
SHA256
246c1ab4503252cc16643638bac0ab9222526ba224d89ee03d00ac1278692d84
-
SHA512
038ed6978a725d924ec39d4ad9798fca6e7502d88acb1f60ef127046c6a6c35e358e234ef5e7c5b63b7144b8cf7baf9aba26d6c94ac8cfaaa3d33d4525f6f421
-
SSDEEP
12288:wI3wFCiaTbvcEr8dTig6fRg4+sXxCzvDgocqOKlGlsN37Q:n3wFCic20fRg4+shCBcaGWNLQ
Static task
static1
Behavioral task
behavioral1
Sample
8996cb3a60b287b59a533ec6415b3cd5_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
8996cb3a60b287b59a533ec6415b3cd5_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
8996cb3a60b287b59a533ec6415b3cd5_JaffaCakes118
-
Size
627KB
-
MD5
8996cb3a60b287b59a533ec6415b3cd5
-
SHA1
807d5d9c7557a0cac1b77a6bed1ef9c96c939f66
-
SHA256
246c1ab4503252cc16643638bac0ab9222526ba224d89ee03d00ac1278692d84
-
SHA512
038ed6978a725d924ec39d4ad9798fca6e7502d88acb1f60ef127046c6a6c35e358e234ef5e7c5b63b7144b8cf7baf9aba26d6c94ac8cfaaa3d33d4525f6f421
-
SSDEEP
12288:wI3wFCiaTbvcEr8dTig6fRg4+sXxCzvDgocqOKlGlsN37Q:n3wFCic20fRg4+shCBcaGWNLQ
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-