General

  • Target

    3ef0260a973ffcda9d03f6cfb07c0341_JaffaCakes118

  • Size

    633KB

  • Sample

    240513-l2c12aad59

  • MD5

    3ef0260a973ffcda9d03f6cfb07c0341

  • SHA1

    4e0f0d21fc63198032cc29b53c6a8e23b78cd04a

  • SHA256

    827f635b2d00b75484eef39bbb0ff790333fc7782dcc53848506f17e54610106

  • SHA512

    c1225bb3323e81702a1b0ac44647a27a984c09df80a590ce8d8cb1873603b67003fc0bd199983cf769824e8f30843d576a25ea149fcf053d7d2a68a647f4ac47

  • SSDEEP

    12288:hEN2o2TEYcjYFNQkPFRRwCMc2qT55H5UvpfN4P9LJrAeMe36i9:w2ouFekdwCMBqTLZw3wXrAC36A

Score
9/10

Malware Config

Targets

    • Target

      3ef0260a973ffcda9d03f6cfb07c0341_JaffaCakes118

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15

Tasks