General

  • Target

    735c795aa8147d489a981c68c9ac6a81_JaffaCakes118

  • Size

    664KB

  • Sample

    240525-1qd7aabf81

  • MD5

    735c795aa8147d489a981c68c9ac6a81

  • SHA1

    571e5efcfc0019e0a03a6c9295cf03b29128e135

  • SHA256

    100c542bbb0cc9de28db77abe7a1bd0a8dc8693911926bf67fecbd06a3747b57

  • SHA512

    01d6a982469cebb0d3e21d1d50ba5f430f64fa4bf942d2f2e5213a35e1215b5093733c76406f213c582c442447974a63c41678b8e40e3b5e37fabf2549d269a8

  • SSDEEP

    12288:YTf5y14kK0RuPZf1HW9Yui4IRYK2VO0X9bDIFVhB0ZJE+Xhs169:Wf5yCkqZf129YupJ9O0X9b0FVDqEcC1W

Score
9/10

Malware Config

Targets

    • Target

      735c795aa8147d489a981c68c9ac6a81_JaffaCakes118 (664KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General above)

    Score
    9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Drops desktop.ini file(s)
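The four behaviours flagged above are the kind of thing worth re-checking on a Procmon trace from your own run rather than trusting the sandbox verdict alone. The script below is an added example, not the sandbox's own signature logic: it parses a constructed Procmon-style CSV export and scopes detection to the sample process and its children. The concrete registry paths are assumptions that the report does not state (the HKLM\HARDWARE\ACPI\{DSDT,FADT,RSDT}\VBOX__ keys for the VirtualBox check and HKCU\Control Panel\International\Geo\Nation for the country-code lookup), and the trace lines are constructed, not taken from this run.

```python
"""Re-check the four flagged behaviours against a Procmon-style CSV trace.

Added example, not the sandbox's signature code. Assumptions: Procmon CSV
columns "Process Name", "Operation", "Path", "Detail"; the registry keys
below are the usual ones for these checks, the report itself names none.
"""
import csv
import io
import re
from collections import defaultdict

# Constructed trace (not from the real run). Real exports have more columns;
# only Process Name, Operation and Path are used here.
SAMPLE_TRACE = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:00:01.0","sample.exe","4120","RegOpenKey","HKLM\HARDWARE\ACPI\DSDT\VBOX__","NAME NOT FOUND","Desired Access: Read"
"10:00:01.1","sample.exe","4120","RegOpenKey","HKLM\HARDWARE\ACPI\FADT\VBOX__","NAME NOT FOUND","Desired Access: Read"
"10:00:01.2","sample.exe","4120","RegOpenKey","HKLM\HARDWARE\ACPI\RSDT\VBOX__","NAME NOT FOUND","Desired Access: Read"
"10:00:02.0","sample.exe","4120","RegQueryValue","HKCU\Control Panel\International\Geo\Nation","SUCCESS","Type: REG_SZ, Length: 8, Data: 244"
"10:00:03.0","sample.exe","4120","WriteFile","C:\Users\u\AppData\Local\Temp\upd.exe","SUCCESS","Offset: 0, Length: 65,536"
"10:00:03.5","sample.exe","4120","WriteFile","C:\Users\u\AppData\Roaming\svc\desktop.ini","SUCCESS","Offset: 0, Length: 84"
"10:00:04.0","sample.exe","4120","Process Create","C:\Users\u\AppData\Local\Temp\upd.exe","SUCCESS","PID: 4388"
"10:00:05.0","explorer.exe","1234","RegQueryValue","HKCU\Control Panel\International\Geo\Nation","SUCCESS","Type: REG_SZ, Length: 8, Data: 244"
'''

# Assumed keys: VirtualBox leaves VBOX__ ACPI table entries under HKLM\HARDWARE\ACPI.
ACPI_VBOX = re.compile(r"\\HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\VBOX__", re.I)
# Assumed key: the configured country code lives under Control Panel\International\Geo.
GEO_KEY = re.compile(r"\\Control Panel\\International\\Geo\\(Nation|Name)$", re.I)
REG_READ_OPS = {"RegOpenKey", "RegQueryKey", "RegQueryValue", "RegEnumKey", "RegEnumValue"}


def parse_procmon_csv(text):
    """Return one dict per trace row, keyed by the CSV header names."""
    return list(csv.DictReader(io.StringIO(text)))


def run_signatures(events, sample_process):
    """Map signature name -> list of evidence paths, scoped to the sample's process tree."""
    hits = defaultdict(list)
    tracked = {sample_process.lower()}   # sample plus every process it spawns
    written = set()                      # files written by tracked processes
    for ev in events:
        if ev["Process Name"].lower() not in tracked:
            continue                     # e.g. explorer.exe reading Geo\Nation is benign
        op, path = ev["Operation"], ev["Path"]
        if op in REG_READ_OPS and ACPI_VBOX.search(path):
            hits["anti_vm_virtualbox_acpi"].append(path)
        elif op in REG_READ_OPS and GEO_KEY.search(path):
            hits["checks_computer_location"].append(path)
        elif op == "WriteFile":
            written.add(path.lower())
            if path.lower().endswith("\\desktop.ini"):
                hits["drops_desktop_ini"].append(path)
        elif op == "Process Create":
            # "Executes dropped EXE": the new image was written earlier by a tracked process.
            if path.lower() in written:
                hits["executes_dropped_exe"].append(path)
            tracked.add(path.rsplit("\\", 1)[-1].lower())
    return dict(hits)


if __name__ == "__main__":
    for name, evidence in run_signatures(parse_procmon_csv(SAMPLE_TRACE), "sample.exe").items():
        print(name)
        for p in evidence:
            print("   ", p)
```

Scoping to the process tree matters: the last trace line shows explorer.exe reading the same Geo\Nation value, which is normal Windows behaviour and must not count toward the geofence signature. Point `parse_procmon_csv` at a real export (File > Save as CSV in Procmon) with the sample's image name to replay the check on your own run.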

MITRE ATT&CK Enterprise v15

Tasks