General

  • Target

    8cf0b516e85c07fc19f76c8a0fc198cb_JaffaCakes118

  • Size

    706KB

  • Sample

    240602-fjmjvsbg2t

  • MD5

    8cf0b516e85c07fc19f76c8a0fc198cb

  • SHA1

    5aeb28028c4c0400f8d4c9541b048807c75d2126

  • SHA256

    055d7f035d25761ace1d3d8933ef201559b4a0543b99fef4f03c7b41a8609b64

  • SHA512

    f5ec3d6abbbc78e389cb60ec06d46927f5041b7d290d31e921dca35edece3189c75a6a0a906c1f4e34e572db8a03761a46bdd73a56de154ada13b8122d30f927

  • SSDEEP

    12288:LWSbbO+qykD4IW0lFYsP5RGRfBntaVR0VKa8HsknPk/FbQivhOlzaAdBv6C:yobO+WJNYshRG7nsVqVN8MckNb3v8lzV

Score
9/10

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15

Tasks