General
Target: a3ae50e460eaeac21ef2c87790b2a8bb_JaffaCakes118
Size: 664KB
Sample: 240613-d2k3mssfrh
MD5: a3ae50e460eaeac21ef2c87790b2a8bb
SHA1: 4dfcd23312d3ec16d3ba0a537708fec48898938a
SHA256: 2277b94468235f81f463facaa9bfc8cba2c736471df1150bc054b7fdf56991fa
SHA512: f4cc3b398dd6a5c3e9b82ea860be1e0c802c0026b340b9c6275d8e9c22a49d31e5b639ccdf4e72ebf02b8269961cc0bf18e8067987f812eced7444573dec9008
SSDEEP: 12288:YTf5y14kK0RuPZf1HW9Yui4IRYK2VO0X9bDIFVhB0ZJE+Xhs16s:Wf5yCkqZf129YupJ9O0X9b0FVDqEcC17
Static task: static1
Behavioral task: behavioral1
Sample: a3ae50e460eaeac21ef2c87790b2a8bb_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: a3ae50e460eaeac21ef2c87790b2a8bb_JaffaCakes118.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
Target: a3ae50e460eaeac21ef2c87790b2a8bb_JaffaCakes118
Score: 9/10
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks computer location settings: looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Drops desktop.ini file(s)