645d4d4813a9042d9682f830e7453457d62f96b0ec6a135a0a71da8e66a8ce6c | Triage

Submit
Reports

Overview

overview

9

Static

static

7

03c0954cc2...18.exe

windows7-x64

1

03c0954cc2...18.exe

windows10-2004-x64

9

Sharing

General

Target

03c0954cc211afe37bdba2e523ba7e43_JaffaCakes118
Size

655KB
Sample

240427-18hx7aab2s
MD5

03c0954cc211afe37bdba2e523ba7e43
SHA1

3bcc6f3e3312f1a6ef73df0f901888e9e2a947dd
SHA256

645d4d4813a9042d9682f830e7453457d62f96b0ec6a135a0a71da8e66a8ce6c
SHA512

e681f62ac0fb6014f2a3d7edcd21a8109eadb894769bbe665ead835e008203ef838684142dfaf45e77e268a363ad8db4d6f0ec04ae7b1832e428cb3dd739a9a3
SSDEEP

12288:C1heIHTECcwLbmMkSxB2Filn+rKibmeeJC5LOFKGE3KoHKWfw0d7x1+ZR9Xz:4eIfz3ajKZeeJrmKoHu+l0H9Xz

Score

9^/10

evasion upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

03c0954cc211afe37bdba2e523ba7e43_JaffaCakes118.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

03c0954cc211afe37bdba2e523ba7e43_JaffaCakes118.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  03c0954cc211afe37bdba2e523ba7e43_JaffaCakes118
- Size
  
  655KB
- MD5
  
  03c0954cc211afe37bdba2e523ba7e43
- SHA1
  
  3bcc6f3e3312f1a6ef73df0f901888e9e2a947dd
- SHA256
  
  645d4d4813a9042d9682f830e7453457d62f96b0ec6a135a0a71da8e66a8ce6c
- SHA512
  
  e681f62ac0fb6014f2a3d7edcd21a8109eadb894769bbe665ead835e008203ef838684142dfaf45e77e268a363ad8db4d6f0ec04ae7b1832e428cb3dd739a9a3
- SSDEEP
  
  12288:C1heIHTECcwLbmMkSxB2Filn+rKibmeeJC5LOFKGE3KoHKWfw0d7x1+ZR9Xz:4eIfz3ajKZeeJrmKoHu+l0H9Xz
Score

9^/10

evasion
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy