General
-
Target
a620c49e30ef4da3f7a835ac3e3d29f9_JaffaCakes118
-
Size
671KB
-
Sample
240613-saavxstcmg
-
MD5
a620c49e30ef4da3f7a835ac3e3d29f9
-
SHA1
3c70e01892fae6d76a95435d2bdd3cee6b9d097b
-
SHA256
2179ad17915311a073bd3e9d8ed4388704c636496afa1b67f3642543e5dae0e5
-
SHA512
869b3c42557dab5cfa05f29818538657f110491ccdf4622d90a8b8326c15b8832d27ab95d00f4a438d972fce797a851f6e25864baa5cb0d40e5c23230d9384ce
-
SSDEEP
12288:SZJ7G1zskWtP44444ItPZkTKpPwHb/dgusOlMLSTQNirbCfrL6r:qJ7Uzj4yUo7Fdle8WIbCL6r
Static task
static1
Behavioral task
behavioral1
Sample
a620c49e30ef4da3f7a835ac3e3d29f9_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a620c49e30ef4da3f7a835ac3e3d29f9_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
a620c49e30ef4da3f7a835ac3e3d29f9_JaffaCakes118
-
Size
671KB
-
MD5
a620c49e30ef4da3f7a835ac3e3d29f9
-
SHA1
3c70e01892fae6d76a95435d2bdd3cee6b9d097b
-
SHA256
2179ad17915311a073bd3e9d8ed4388704c636496afa1b67f3642543e5dae0e5
-
SHA512
869b3c42557dab5cfa05f29818538657f110491ccdf4622d90a8b8326c15b8832d27ab95d00f4a438d972fce797a851f6e25864baa5cb0d40e5c23230d9384ce
-
SSDEEP
12288:SZJ7G1zskWtP44444ItPZkTKpPwHb/dgusOlMLSTQNirbCfrL6r:qJ7Uzj4yUo7Fdle8WIbCL6r
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-