General

  • Target

    3eea2f76ecb488b9d2058e8471d84f12_JaffaCakes118

  • Size

    532KB

  • Sample

    240513-lx4cesac28

  • MD5

    3eea2f76ecb488b9d2058e8471d84f12

  • SHA1

    3dc3b80b03a2a80fed27036df8f98b151cf37f04

  • SHA256

    06b40a8a9b2d45d26958c0d0fe7d4607b2e91cc304019f396faf83487e68518b

  • SHA512

    8e89e0ff3bc3c2d3b51974a102bbaefb79738fb3fecad5feb8ea0b847c64b0619bbffa7217f73e39a2bab9facfb29a2638a9db2c96ef01bf6250d1a299d3b5ac

  • SSDEEP

    12288:tXf2DMo6GCfdog22HXrFy+344+E9OsDYMbWMKyH/rexOww9gU:tv2DBCVx5y+3RxDYv9UCxOwwKU

Score
9/10

Targets

    • Target

      3eea2f76ecb488b9d2058e8471d84f12_JaffaCakes118

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
