General

  • Target

    8993048a50b7b44326c640a437de32a3_JaffaCakes118

  • Size

    671KB

  • Sample

    240601-gyapaada73

  • MD5

    8993048a50b7b44326c640a437de32a3

  • SHA1

    d2d3b614f97d6d541b8bb032cd8f9c22f0a35411

  • SHA256

    15ab7df9dca355e0c98b18267f698fae3a2a62406ce7ea9f246db0d77f18eda5

  • SHA512

    a03fd4cf454220a29df1d5862081804c04fcaf6be35ec3a106b238474b2621b6bc62271cb348414eba9eb376b8012c121eb0dc3620cae02ee7429b89a61879cf

  • SSDEEP

    12288:SZJ7G1zskWtP44444ItPZkTKpPwHb/dgusOlMLSTQNirbCfrL6O:qJ7Uzj4yUo7Fdle8WIbCL6O

Score
9/10

Malware Config

Targets

    • Target

      8993048a50b7b44326c640a437de32a3_JaffaCakes118

    Score
    9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Drops desktop.ini file(s)
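The four behaviours listed above are what a sandbox's signature engine derives from the raw event stream. The script below is an added example, not code from the sandbox or from this sample, showing how those signatures can be reconstructed from a Procmon-style `Operation,Path,Result` event log. The event lines, the `svchost_update.exe` name and the `C:\Users\Admin` paths are constructed for illustration; the registry locations are real (VirtualBox publishes ACPI tables with the OEM ID `VBOX__` under `HKLM\HARDWARE\ACPI`, and `HKCU\Control Panel\International\Geo\Nation` holds the configured GeoID). The registry signatures fire on the lookup attempt regardless of result, since a `NAME NOT FOUND` on the `VBOX__` key is still a VM probe; "Executes dropped EXE" is stateful and only fires when a write to the path precedes the process launch.

```python
import re
from dataclasses import dataclass
from pathlib import PureWindowsPath

# Constructed sample events (illustrative, not taken from the sandbox run of this sample).
# Format mirrors a Procmon-style CSV export: Operation,Path,Result
SAMPLE_EVENTS = """\
RegOpenKey,HKLM\\HARDWARE\\ACPI\\DSDT\\VBOX__,SUCCESS
RegOpenKey,HKLM\\HARDWARE\\ACPI\\FADT\\VBOX__,NAME NOT FOUND
RegOpenKey,HKLM\\HARDWARE\\ACPI\\RSDT\\VBOX__,NAME NOT FOUND
RegQueryValue,HKCU\\Control Panel\\International\\Geo\\Nation,SUCCESS
RegOpenKey,HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion,SUCCESS
WriteFile,C:\\Users\\Admin\\AppData\\Local\\Temp\\svchost_update.exe,SUCCESS
WriteFile,C:\\Users\\Admin\\AppData\\Roaming\\Cache\\desktop.ini,SUCCESS
ProcessCreate,C:\\Users\\Admin\\AppData\\Local\\Temp\\svchost_update.exe,SUCCESS
ProcessCreate,C:\\Windows\\System32\\cmd.exe,SUCCESS
"""

REGISTRY_SIGNATURES = {
    # VirtualBox exposes ACPI tables whose OEM ID is "VBOX__"; a process walking
    # HKLM\HARDWARE\ACPI\{DSDT,FADT,RSDT} for that name is fingerprinting the hypervisor.
    "Identifies VirtualBox via ACPI registry values": re.compile(
        r"^HKLM\\HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\VBOX__", re.IGNORECASE),
    # Geo\Nation holds the user's configured GeoID (country). Legitimate software reads
    # it too, so on its own this is a low-confidence indicator of a geofence.
    "Checks computer location settings": re.compile(
        r"^HKCU\\Control Panel\\International\\Geo\\Nation$", re.IGNORECASE),
}


@dataclass
class Hit:
    signature: str
    operation: str
    path: str
    result: str


def parse_events(text):
    """Parse 'Operation,Path,Result' lines; the path may itself contain no commas here."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        op, path, result = line.split(",", 2)
        events.append((op, path, result))
    return events


def detect(text):
    """Return every signature hit, in event order. Process/file signatures are stateful."""
    hits = []
    written = set()  # lower-cased paths this process has written so far
    for op, path, result in parse_events(text):
        if op.startswith("Reg"):
            # Fire on the attempt: NAME NOT FOUND on the VBOX__ key is still a VM probe.
            for name, pattern in REGISTRY_SIGNATURES.items():
                if pattern.search(path):
                    hits.append(Hit(name, op, path, result))
        elif op == "WriteFile":
            written.add(path.lower())
            if PureWindowsPath(path).name.lower() == "desktop.ini":
                hits.append(Hit("Drops desktop.ini file(s)", op, path, result))
        elif op == "ProcessCreate":
            # Only a file written earlier in this trace counts as "dropped".
            if path.lower().endswith(".exe") and path.lower() in written:
                hits.append(Hit("Executes dropped EXE", op, path, result))
    return hits


def triggered(text):
    """Sorted, de-duplicated signature names, the way a report summarises them."""
    return sorted({h.signature for h in detect(text)})


if __name__ == "__main__":
    for name in triggered(SAMPLE_EVENTS):
        print(name)
```

Because `detect` keys on the lookup attempt rather than its result, the same rule works on a bare-metal run where the `VBOX__` keys are absent; the ordering requirement in the dropped-EXE rule is what stops a launch of a pre-existing binary from being misreported as a drop-and-execute.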

MITRE ATT&CK Enterprise v15

Tasks