General

  • Target

    8935728efc1f4271b55adbc397bfb339_JaffaCakes118

  • Size

    697KB

  • Sample

    240601-dnptnsge22

  • MD5

    8935728efc1f4271b55adbc397bfb339

  • SHA1

    9231ab258a2e1f9bd661331feb8947cd3a1eca66

  • SHA256

    23308ce5469872bfd1ddd0bd02ac920c9f133e7abe40650a49cd441b62b7b1dd

  • SHA512

    b34cd44c460e7d7f484d08d45f3139d97fa664c208b648100daf7bc579610593df9ca248f9b85248157e77c36baec5049ff22a2bfdb3e19563d23f8ed098fac9

  • SSDEEP

    12288:ZVFRcibCA69e91qov32KG3hpepUdpzFmWXEtt/b+DYTiicHP6v:3FRci69m1zmKmYpiFmSi9uLicHP6v

Score
9/10

Malware Config

Targets

    • Target

      8935728efc1f4271b55adbc397bfb339_JaffaCakes118
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15

Tasks