General
-
Target
a3b132a9f6621ada2bc400d3f1649b5c_JaffaCakes118
-
Size
664KB
-
Sample
240613-d5h3fssgra
-
MD5
a3b132a9f6621ada2bc400d3f1649b5c
-
SHA1
995c894e225f19c2f513cd33d6683a80188720de
-
SHA256
24e3a5b6606d69b7493e542a99df5630e18dc3223cbc7df396d46039320c0979
-
SHA512
7d102bee7a4488669bac13030e4cff31b7be1a1a73de8064d270ddf6485047fdca5b5e1888053df4a34506d23ae0fd3c768861b7bd2e1a764376081256a59f5b
-
SSDEEP
12288:YTf5y14kK0RuPZf1HW9Yui4IRYK2VO0X9bDIFVhB0ZJE+Xhs16R:Wf5yCkqZf129YupJ9O0X9b0FVDqEcC1q
Static task
static1
Behavioral task
behavioral1
Sample
a3b132a9f6621ada2bc400d3f1649b5c_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a3b132a9f6621ada2bc400d3f1649b5c_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
a3b132a9f6621ada2bc400d3f1649b5c_JaffaCakes118
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-