General
-
Target
9786cf1f32b8889fb82767e9ad866f52_JaffaCakes118
-
Size
628KB
-
Sample
240605-jnshfsah49
-
MD5
9786cf1f32b8889fb82767e9ad866f52
-
SHA1
8e55cd12f41efc9a9fb341aa25811a5decda2d1c
-
SHA256
23a3f8d5fd270f2bc1b265679881ac81b318a66e2d4bab33a17b93a8aeeb86ea
-
SHA512
b9cea70b34125051b75377b8b85eb899bdc54df7d32933774ee01f593e6607ee769e28289f94de5b9fed0a5c86872eb89ec36139fd2e05640da6d0f7c2ce59d5
-
SSDEEP
12288:eL4MO+THTJZVyWW9Xl6nHZDQQXiPYURmjDAOu7Q944dc69:o4MO+Vx+M1OPoO7tGc69
Static task
static1
Behavioral task
behavioral1
Sample
9786cf1f32b8889fb82767e9ad866f52_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9786cf1f32b8889fb82767e9ad866f52_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
9786cf1f32b8889fb82767e9ad866f52_JaffaCakes118
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-