General

  • Target

    8e15523de7e301d0c4c36739db67e44d_JaffaCakes118

  • Size

    524KB

  • Sample

    240602-pqhnxsdd43

  • MD5

    8e15523de7e301d0c4c36739db67e44d

  • SHA1

    39f5c2ef2887a07ee571f2d4c3701411ccfbfacb

  • SHA256

    6e7b5d0cb6fa99b2e1324f963afdc8f6f30407afd28e1b65fe13ccce639159f7

  • SHA512

    6a64cb28e2bd19eb08fd1d89ca0ca379a43013f9f44286870b39fc02e4aa5b3f8e03c8bcfcd7fc77eb8e7f22abe72bbb2581b878fdefa68ea0bf74b3903482b1

  • SSDEEP

    12288:AJuKBAjsT2ws4GrRu2QRqxqlOy8AF05yHk67zR960LF:AJuXsTuRRu2wqNGIyHr96i

Score
9/10

Targets

  • Identifies VirtualBox via ACPI registry values (likely anti-VM)

  • Checks computer location settings

    Looks up the country code configured in the registry, likely a geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops desktop.ini file(s)
