General

  • Target

    844f1a1a3a5b2f655ceec5503a8f5525_JaffaCakes118

  • Size

    531KB

  • Sample

    240530-qp8pdsab3z

  • MD5

    844f1a1a3a5b2f655ceec5503a8f5525

  • SHA1

    d12beac073a6e578ec86131ffc1c49f85c65bd20

  • SHA256

    0baf80a1c1f0db17f37a0ff2bf1c196e1a25cb4413e03a4e2593652010727bf4

  • SHA512

    ef0ee75b3d7a0d2fa8b847d00f266ff86d23381fcc5ba83616344776bd46bc1379e76dd3091d7c6e1817b4dda7a0f1e648240ba725fa080c25b9e8041e2587a9

  • SSDEEP

    12288:cnnxNXTHxigTCQbJUMHON1qAhN/QVIvHipk+cmsW:cnnxhAgTV6MHON1qqNYCP+x3

  • Score

    9/10

Targets

    • Target

      844f1a1a3a5b2f655ceec5503a8f5525_JaffaCakes118

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15