General

  • Target

    8c781db94011fc1216244f511a49c261_JaffaCakes118

  • Size

    404KB

  • Sample

    240602-bx9t4aed2s

  • MD5

    8c781db94011fc1216244f511a49c261

  • SHA1

    fbcb19e79e8dcdfc3c1f4400b88a32dc2376ae24

  • SHA256

    059687e56a5244ff79eafa2d9cfde404343ead3a9082cfa42d9ef9b9c60a16ad

  • SHA512

    eedfb29a0c3196678bfb4cba348f2343da817f32883375018dced31fd89f3577350a20cd823c5ff1d3e1fcd7ea627a9961d139db7d9192f380444df6d6df7c0c

  • SSDEEP

    12288:UgffF5hZ2v2hiPO8WI4iU83wGqMgvOc5XD:UgXRzb8WIK838735XD

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
