General
- Target: 914acb0e4d15d20ffd6454795990fd70_JaffaCakes118
- Size: 4.2MB
- Sample: 240603-lhy46abd92
- MD5: 914acb0e4d15d20ffd6454795990fd70
- SHA1: 5fd229adb8d623ee4d88241e345cbddb05f76c48
- SHA256: f7ceb08d2f953aaf94f31098e116d72d2e9dd1f6c2498bfd03fb7ad77c55717f
- SHA512: 987edcf675748aba99882d9efc9527e1582cb82fc5489f22e3186ce72fe913e692804d5b1d06c07973e5995cb43031e4057fe34bb7be4bdf9b859ab60f8a2853
- SSDEEP: 98304:JJ5RHOktBboDyQqUErbe2AVxCOshLPFLXkwnIzzCb/YV5DyzFfFni:/7YDy9yQ5fb/s9y7i
Static task: static1
Behavioral task: behavioral1
- Sample: 914acb0e4d15d20ffd6454795990fd70_JaffaCakes118.exe
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: 914acb0e4d15d20ffd6454795990fd70_JaffaCakes118.exe
- Resource: win10v2004-20240508-en
Malware Config
Targets
- Enumerates VirtualBox registry keys
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Looks for VirtualBox Guest Additions in registry
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
- Checks system information in the registry
  System information is often read in order to detect sandboxing environments.