General
-
Target
8cf0b516e85c07fc19f76c8a0fc198cb_JaffaCakes118
-
Size
706KB
-
Sample
240602-fjmjvsbg2t
-
MD5
8cf0b516e85c07fc19f76c8a0fc198cb
-
SHA1
5aeb28028c4c0400f8d4c9541b048807c75d2126
-
SHA256
055d7f035d25761ace1d3d8933ef201559b4a0543b99fef4f03c7b41a8609b64
-
SHA512
f5ec3d6abbbc78e389cb60ec06d46927f5041b7d290d31e921dca35edece3189c75a6a0a906c1f4e34e572db8a03761a46bdd73a56de154ada13b8122d30f927
-
SSDEEP
12288:LWSbbO+qykD4IW0lFYsP5RGRfBntaVR0VKa8HsknPk/FbQivhOlzaAdBv6C:yobO+WJNYshRG7nsVqVN8MckNb3v8lzV
Static task
static1
Behavioral task
behavioral1
Sample
8cf0b516e85c07fc19f76c8a0fc198cb_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
8cf0b516e85c07fc19f76c8a0fc198cb_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-