General

  • Target

    842f4db59ae950856f9c16751029dd7f_JaffaCakes118

  • Size

    673KB

  • Sample

    240530-pshfyaha3t

  • MD5

    842f4db59ae950856f9c16751029dd7f

  • SHA1

    b8ec1329bea4fcb370085001f33f80ba124e9318

  • SHA256

    13941d03571a9ed243a67b987cd6170a9495b2d00f4995187ef5483d4cd79b74

  • SHA512

    5e4ff2a042a5ff9dfc4442d41fd3f8b514eaf44336f950da64bbcfd330821e0d3c4632a9755a12726678ca33355ca440c39dd10d861a90a6976b455378e94be5

  • SSDEEP

    12288:q5v8XvqRrYvhPi7cTqoRKHgGYcveMTv7AqeLDDuu9YMVFca62:Cv8XCH7uqHgGY4e0QDD9YMV2a62

Score
9/10

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15

Tasks