General
-
Target
d41ed77934a8a460388fa983451e5519_JaffaCakes118
-
Size
1.5MB
-
Sample
241207-3bqb4svldk
-
MD5
d41ed77934a8a460388fa983451e5519
-
SHA1
c320eb7eef84c885c0fa2df0bd132beca04d5a1d
-
SHA256
a883e11651dc14621a4c8659a09311b418d1d1df4f9a0f3124aae9e5530f1d53
-
SHA512
39f92fd7b9bccd1a8d01ab2207e7c46eedc172fe054bd4098c83127472059ba8332256c0e716c4381d38e8b89cd4f7e36d303d3812607150729f8baea913c04c
-
SSDEEP
24576:lD6nlaEHWNLLWB3yayyno8M2uwW4uQyQgN/b7NHOAmA+7ed6BpGPL1fq4rpr4c:lD6BHwKBiaDm2uwWfYA304Nr4
Static task
static1
Behavioral task
behavioral1
Sample
d41ed77934a8a460388fa983451e5519_JaffaCakes118.exe
Resource
win7-20240708-en
Malware Config
Targets
-
-
Target
d41ed77934a8a460388fa983451e5519_JaffaCakes118
-
Size
1.5MB
-
MD5
d41ed77934a8a460388fa983451e5519
-
SHA1
c320eb7eef84c885c0fa2df0bd132beca04d5a1d
-
SHA256
a883e11651dc14621a4c8659a09311b418d1d1df4f9a0f3124aae9e5530f1d53
-
SHA512
39f92fd7b9bccd1a8d01ab2207e7c46eedc172fe054bd4098c83127472059ba8332256c0e716c4381d38e8b89cd4f7e36d303d3812607150729f8baea913c04c
-
SSDEEP
24576:lD6nlaEHWNLLWB3yayyno8M2uwW4uQyQgN/b7NHOAmA+7ed6BpGPL1fq4rpr4c:lD6BHwKBiaDm2uwWfYA304Nr4
-
Darkcomet family
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-