General

  • Target

    8996cb3a60b287b59a533ec6415b3cd5_JaffaCakes118

  • Size

    627KB

  • Sample

    240601-g3gcmace4t

  • MD5

    8996cb3a60b287b59a533ec6415b3cd5

  • SHA1

    807d5d9c7557a0cac1b77a6bed1ef9c96c939f66

  • SHA256

    246c1ab4503252cc16643638bac0ab9222526ba224d89ee03d00ac1278692d84

  • SHA512

    038ed6978a725d924ec39d4ad9798fca6e7502d88acb1f60ef127046c6a6c35e358e234ef5e7c5b63b7144b8cf7baf9aba26d6c94ac8cfaaa3d33d4525f6f421

  • SSDEEP

    12288:wI3wFCiaTbvcEr8dTig6fRg4+sXxCzvDgocqOKlGlsN37Q:n3wFCic20fRg4+shCBcaGWNLQ

Score
9/10

Malware Config

Targets

    • Target

      8996cb3a60b287b59a533ec6415b3cd5_JaffaCakes118

    Score
    9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15

Tasks