General

  • Target

    89515f74c1d8c23eb21ba68d9e4e819e_JaffaCakes118

  • Size

    500KB

  • Sample

    240601-ephx7aaa24

  • MD5

    89515f74c1d8c23eb21ba68d9e4e819e

  • SHA1

    103fef070251b74736d033a9b18f7aed01b8097f

  • SHA256

    131ba2d94b368a5bcde967fd1188fa4b469dd0ffcde1e2bf94d8989e62c28a5f

  • SHA512

    cd0a2758eaa7d9b74d812c836d977baf9b1736c51324f0d491130a8630a7808413793a7bdcef4d7453bff7a3548bc8cfa1e37bcc8cea2cae508d5f206cac47fc

  • SSDEEP

    6144:n5DK99xOtO8XMLOjyfdGdQK36OP9KEzmIr3JgYhCOPoKuRbdz5C241cOInPfnGfP:n5Dc3x8XPjy07n1C4uASOIP/s3

Score
9/10

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15

Tasks