General
-
Target
97caca47cf5b3d5b38bf4db9d3168ce8_JaffaCakes118
-
Size
664KB
-
Sample
240605-lw48bscd5z
-
MD5
97caca47cf5b3d5b38bf4db9d3168ce8
-
SHA1
b9a54393bcc52b8713fdcbec11ef6d35bf848c39
-
SHA256
158e520449365d18447b647a375a1298ab00c6d87be6cdf4585162e402735102
-
SHA512
a20fac61fb2fe93ccdbb82fb7c5d52c25b23f979c5d0ae1057fe82f36a944b29be99c3845b963c850cfa0209b7868d2f954ef09999e9ec4a56a86cea604b5b3c
-
SSDEEP
12288:YTf5y14kK0RuPZf1HW9Yui4IRYK2VO0X9bDIFVhB0ZJE+Xhs160:Wf5yCkqZf129YupJ9O0X9b0FVDqEcC13
Static task
static1
Behavioral task
behavioral1
Sample
97caca47cf5b3d5b38bf4db9d3168ce8_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
97caca47cf5b3d5b38bf4db9d3168ce8_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
97caca47cf5b3d5b38bf4db9d3168ce8_JaffaCakes118
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-