f87db4387e6e104ab8c19b67c020f39bf650cd7d5c28fffc09924fdaebd6e34a | Triage

Submit
Reports

Overview

overview

9

Static

static

1

JaffaCakes...b2.exe

windows10-2004-x64

9

JaffaCakes...b2.exe

windows11-21h2-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

JaffaCakes118_1e633dbfb0ca9ca0982e99c68f65b5b2
Size

494KB
Sample

250706-f8qb2sslz9
MD5

1e633dbfb0ca9ca0982e99c68f65b5b2
SHA1

612866306018c8098d74a50c0b83ff825d30e265
SHA256

f87db4387e6e104ab8c19b67c020f39bf650cd7d5c28fffc09924fdaebd6e34a
SHA512

07a87286f13d685fb7cde7302eca4995c22b059002c5015a2a12d9eaf1f22b6dcf0267f1592eddf6cc79e1c2a3ddb1ef506928e43e685ff959390a52e026d5d1
SSDEEP

12288:o3ma4bE/SPQHqkdTvL7Ff456p9HKuJC7K:o3b4bEiFCVMaX4K

Score

9^/10

defense_evasion discovery

Static task

static1

Behavioral task

behavioral1

Sample

JaffaCakes118_1e633dbfb0ca9ca0982e99c68f65b5b2.exe

Resource

win10v2004-20250610-en

defense_evasion discovery

windows10-2004-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_1e633dbfb0ca9ca0982e99c68f65b5b2.exe

Resource

win11-20250610-en

defense_evasion discovery

windows11-21h2-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_1e633dbfb0ca9ca0982e99c68f65b5b2
- Size
  
  494KB
- MD5
  
  1e633dbfb0ca9ca0982e99c68f65b5b2
- SHA1
  
  612866306018c8098d74a50c0b83ff825d30e265
- SHA256
  
  f87db4387e6e104ab8c19b67c020f39bf650cd7d5c28fffc09924fdaebd6e34a
- SHA512
  
  07a87286f13d685fb7cde7302eca4995c22b059002c5015a2a12d9eaf1f22b6dcf0267f1592eddf6cc79e1c2a3ddb1ef506928e43e685ff959390a52e026d5d1
- SSDEEP
  
  12288:o3ma4bE/SPQHqkdTvL7Ff456p9HKuJC7K:o3b4bEiFCVMaX4K
Score

9^/10

defense_evasion discovery
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  defense_evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery

© 2018-2025

Terms | Privacy