General
Target: 8c781db94011fc1216244f511a49c261_JaffaCakes118
Size: 404KB
Sample: 240602-bx9t4aed2s
MD5: 8c781db94011fc1216244f511a49c261
SHA1: fbcb19e79e8dcdfc3c1f4400b88a32dc2376ae24
SHA256: 059687e56a5244ff79eafa2d9cfde404343ead3a9082cfa42d9ef9b9c60a16ad
SHA512: eedfb29a0c3196678bfb4cba348f2343da817f32883375018dced31fd89f3577350a20cd823c5ff1d3e1fcd7ea627a9961d139db7d9192f380444df6d6df7c0c
SSDEEP: 12288:UgffF5hZ2v2hiPO8WI4iU83wGqMgvOc5XD:UgXRzb8WIK838735XD
Static task: static1
Behavioral task: behavioral1
  Sample: 8c781db94011fc1216244f511a49c261_JaffaCakes118.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 8c781db94011fc1216244f511a49c261_JaffaCakes118.exe
  Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 8c781db94011fc1216244f511a49c261_JaffaCakes118
Score: 9/10
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Drops desktop.ini file(s)