General

  • Target

    748224ee282b3501de0e78e598c67858_JaffaCakes118

  • Size

    500KB

  • Sample

    240526-ghhpysha4s

  • MD5

    748224ee282b3501de0e78e598c67858

  • SHA1

    f7e53e578c5aaa35bf69054e68963cf3a87f98dc

  • SHA256

    14a3b1b5f5b13776bff8c01dbcc4ec057c5cfed656fcf2e82800f6a591d8ff22

  • SHA512

    ed88a356de918d3c26cf54b683bba5b22a24a67555505103d3f3740a91f3e54fc6c67a6fc41f70b0c5aa6bf55710735dc82f9bc1685e82521257c7f536a0e382

  • SSDEEP

    6144:05D4W9xOtO8XMLOjycd+0zmG4lPoFo6P3+zAoIM0eoYuP9BfnGqQpJMJCDxuRddn:05Dp3x8XPjyYaIhf/0WCDxui/k

Score
9/10

Targets

    • Target

      748224ee282b3501de0e78e598c67858_JaffaCakes118

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
