General

  • Target

    58785e7ea968c1f8f1f1b32a086764e2_JaffaCakes118

  • Size

    1.3MB

  • Sample

    240519-en4hhahf3t

  • MD5

    58785e7ea968c1f8f1f1b32a086764e2

  • SHA1

    2500298101abedb1613331e21b75e2a5ee89b96a

  • SHA256

    f6297aa773c990879a33163e6e47af3c76b773f323df157249841bb2a3634dfe

  • SHA512

    c765a818b154f020e90bb176dc560cd572d78f8b2ae7f3c660dce749b4cdf04001c4b3f320d3ebc343a9cf7c39180d28b1a7b5e6fb02c0f5f4478a358066a882

  • SSDEEP

    24576:kSQSDigDGo8Zx9MJqxpq3vxHkW3ASPjbk7L1eE0Wn0iekfwVNDOl:9lDZ18eapi3jA7ZB0Wnp+Vs

Score
7/10

Targets

    • Target

      58785e7ea968c1f8f1f1b32a086764e2_JaffaCakes118

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
