General
Target: 18c7e5fbfb5b0bdd09279e3bd8bd17f0_JaffaCakes118
Size: 1.7MB
Sample: 240628-e4zt9a1enb
MD5: 18c7e5fbfb5b0bdd09279e3bd8bd17f0
SHA1: 15b80b8a4b263f8a4b902dc1f6af01b923032e0e
SHA256: 2cd91ceff31309f8dbdef3e2ef66cd20a6df6d910f9a4c98b3d7a9e67aada436
SHA512: 29efa3df1eb2046e8662e29ef409cb6e7b6e7e3590aa9e9ee2d844e7faad3dd7302bd0c1627d4512faffccf53b446c3e82eb49b15ee14cc0a46fff8fdda1aaa6
SSDEEP: 49152:W3T+vr7klhTd2UJA0MfsPGrBnY0Llmh71Is9M:8yv/klR2fsPG1nDl271G
Static task: static1
Behavioral task: behavioral1
Sample: 18c7e5fbfb5b0bdd09279e3bd8bd17f0_JaffaCakes118.dll
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 18c7e5fbfb5b0bdd09279e3bd8bd17f0_JaffaCakes118.dll
Resource: win10v2004-20240508-en
Malware Config
Targets
Score: 9/10

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.