General

Target: a629ba29e62a07d4215d50b3f1f5c649_JaffaCakes118
Size: 709KB
Sample: 240613-se18nsxhjk
MD5: a629ba29e62a07d4215d50b3f1f5c649
SHA1: 59653eb9ec09ceae8c08c463e4de16e02a6a9f76
SHA256: 06071515102e89ab886cd84fd148885eba64530087dd34021523807b29f1dbb5
SHA512: 79537f11281ed1ce2918944961e9d475b5c46b7c33998532e821e6f18abe1c196403fd2a41f3db878aa03f0c86c358ed03e9e69cffc1274a984927e07d1225d5
SSDEEP: 12288:Udk1Dbf27xi6PsmDJyodALFhRfM+JOGnK/FBOjX0nnRn1BjrH8IfV6A:8k1DbHmko6L3y+gVObuRnnrHDV6A

Static task: static1

Behavioral task: behavioral1
Sample: a629ba29e62a07d4215d50b3f1f5c649_JaffaCakes118.exe
Resource: win7-20240611-en

Behavioral task: behavioral2
Sample: a629ba29e62a07d4215d50b3f1f5c649_JaffaCakes118.exe
Resource: win10v2004-20240508-en

Malware Config
Targets

Target: a629ba29e62a07d4215d50b3f1f5c649_JaffaCakes118
Score: 9/10

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Drops desktop.ini file(s)