General
Target: 912e3cd27c5464597d13a2b91dac9d03_JaffaCakes118
Size: 664KB
Sample: 240603-krqnpshe21
MD5: 912e3cd27c5464597d13a2b91dac9d03
SHA1: 572d7ddd5dbfd41f840288cd3b32e57575df0b31
SHA256: 05f6aeb1c6647d4f64ecc28f42f8b1b11ff858fda8cc7f7dc62d25a344acb389
SHA512: 60d3bb9c7a5321cfa9a12dcdcb13a05d8a99cab4f2f81c24f694a8b491659a1cc4649c3ca18a5969c14fb2abf756b9ba6568d5ee13b52a8128da97a7b009b688
SSDEEP: 12288:YTf5y14kK0RuPZf1HW9Yui4IRYK2VO0X9bDIFVhB0ZJE+Xhs16y:Wf5yCkqZf129YupJ9O0X9b0FVDqEcC11
Static task: static1
Behavioral task: behavioral1
Sample: 912e3cd27c5464597d13a2b91dac9d03_JaffaCakes118.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 912e3cd27c5464597d13a2b91dac9d03_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 912e3cd27c5464597d13a2b91dac9d03_JaffaCakes118
Score: 9/10
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Drops desktop.ini file(s)