General

  • Target

    7eaf7e94254f2bfab0a0fa3777623a3a_JaffaCakes118

  • Size

    664KB

  • Sample

    240528-21aghsga2v

  • MD5

    7eaf7e94254f2bfab0a0fa3777623a3a

  • SHA1

    c518c9c21f41c436aa0495750d117dee76f1b4b7

  • SHA256

    04d1eb833b9e976773fb5f8d6f292f3c71bae7df92254fdd11c3592fc56f6105

  • SHA512

    6659953deada1c95666972b52ea56f6236e600fa7fd409f15d2c676dbe7e41320cb98920533513bcd130d40fa270ae2fe378daae703fa60e8c25de198227fabc

  • SSDEEP

    12288:YTf5y14kK0RuPZf1HW9Yui4IRYK2VO0X9bDIFVhB0ZJE+Xhs16V:Wf5yCkqZf129YupJ9O0X9b0FVDqEcC1G

Score
9/10

Targets

    • Target

      7eaf7e94254f2bfab0a0fa3777623a3a_JaffaCakes118

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Drops desktop.ini file(s)
