General
Target: a6e5741c45f6291a9130f77292b643b1_JaffaCakes118
Size: 663KB
Sample: 240613-2fc2xashle
MD5: a6e5741c45f6291a9130f77292b643b1
SHA1: 94a2b0e70dc60b566e21198c51b17fdb6a036ab5
SHA256: 2473e41a3986a58a9cc154bffd2a8bd0923ea9f71e87963b943e3c859bfbba44
SHA512: 96fb1f57a96eaa4d42b7d760436d730ad90e09c4f0cdac46f1114d163c7fdce1be4abd0574a4dd69dfc866d8d4efb8f5b89f11dcea25fb9b75e775dcf3e66f3d
SSDEEP: 12288:uqMEMEMgxYtIEov70s2sft/nUGKitxSBRzUZfj9I8waz6v:pMEMER3/dSz4ZZJz6v
Static task: static1
Behavioral task: behavioral1
Sample: a6e5741c45f6291a9130f77292b643b1_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: a6e5741c45f6291a9130f77292b643b1_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: a6e5741c45f6291a9130f77292b643b1_JaffaCakes118
Score: 9/10
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks computer location settings: looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Drops desktop.ini file(s)