General
-
Target
1e5070332f49e9cbae7b485196c1eb6d_JaffaCakes118
-
Size
3.6MB
-
Sample
240702-g9knmatgpl
-
MD5
1e5070332f49e9cbae7b485196c1eb6d
-
SHA1
56085ad1c178328f0fb7c8b486e1af07ef7e2d52
-
SHA256
38c12eb3b1bce5606b03cbf68e0eaab0a4211112030a110c196e0a721f30e442
-
SHA512
d3e4b0d140021e36dd30d4481413217e757082ac10dcdbdb397527d0e8de6ce3469af50021bc2255b4448c57d968912406d23959461cc9d3926e068d8304e7d6
-
SSDEEP
49152:3pbmRVEQZ99pOz52y2yvzl90ZJAwdGtA2auX0AsUrsqkEAhgzLJqNNIDJ8zVwkVK:3Jm96DYdGRag0A/k7qH0NwWV/xhNu
Behavioral task
behavioral1
Sample
1e5070332f49e9cbae7b485196c1eb6d_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
1e5070332f49e9cbae7b485196c1eb6d_JaffaCakes118
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-