General

  • Target

    9131d926b90949115665d5db66f1297b_JaffaCakes118

  • Size

    565KB

  • Sample

    240603-kt2hzsag93

  • MD5

    9131d926b90949115665d5db66f1297b

  • SHA1

    0521b6ae95e0c34ae187f7631ec502230d983e7d

  • SHA256

    c207d0993061fe0e1d74b4cb1eb721d3f3a497f075ce64d4db43907a90a61d63

  • SHA512

    4bfd766ec8992179ddd99b594c79f5fcc83c168b86aeb9b4ab4993442fa40cc3bcb1dbb9461854f554c3810650994ed82f275b4b722d18e86dcbfe6a17ee3c77

  • SSDEEP

    12288:iRefc/d1X0TM60o+F91uGcsdM4AbKG7ec/Hdch+2OsRc:iRefe0Td0Z/PDCKaeCIxi

Score
9/10

Malware Config

Targets

    • Target

      9131d926b90949115665d5db66f1297b_JaffaCakes118

    Score
    9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
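The five signatures above are behavioural, so a practitioner will usually want to reproduce them from endpoint telemetry rather than trust the sandbox verdict alone. The following is an added example, not code from the Tria.ge report or the sandbox itself: a small offline correlator that maps Sysmon-style events onto the same five findings. The registry locations it looks for (the VirtualBox-branded ACPI tables under HKLM\HARDWARE\ACPI and the per-user Geo\Nation / Geo\Name values) are the ones commonly used for these checks and are an assumption here, since the report does not name the keys it matched on; the event stream is constructed for illustration.

```python
"""Correlate Sysmon-like telemetry into the report's behavioural findings.

Added example, not part of the Tria.ge report. Registry paths below are
assumed (typical anti-VM and geofence locations), and SAMPLE_EVENTS is
constructed input, not data from the analysed sample.
"""
import re
from collections import defaultdict

# Assumed patterns (not from the report):
#  - VirtualBox exposes ACPI tables whose OEM ID is "VBOX", which Windows
#    surfaces under HKLM\HARDWARE\ACPI\{DSDT,FADT,RSDT}\VBOX__.
#  - The configured country lives under HKCU\Control Panel\International\Geo
#    (numeric GEOID in "Nation", ISO code in "Name" on newer builds).
VBOX_ACPI_RE = re.compile(r"\\HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\VBOX__", re.I)
GEO_NATION_RE = re.compile(r"\\Control Panel\\International\\Geo\\(Nation|Name)$", re.I)

# Constructed telemetry: (event kind, acting process, target path/key).
SAMPLE_EVENTS = [
    ("RegistryRead", "sample.exe", r"HKLM\HARDWARE\ACPI\DSDT\VBOX__"),
    ("RegistryRead", "sample.exe", r"HKLM\HARDWARE\ACPI\FADT\VBOX__"),
    ("RegistryRead", "sample.exe", r"HKCU\Control Panel\International\Geo\Nation"),
    ("FileCreate", "sample.exe", r"C:\Users\user\AppData\Local\Temp\svc.exe"),
    ("FileCreate", "sample.exe", r"C:\Users\user\AppData\Local\Temp\helper.dll"),
    ("FileCreate", "sample.exe", r"C:\Users\user\AppData\Roaming\Upd\desktop.ini"),
    ("ProcessCreate", "sample.exe", r"C:\Users\user\AppData\Local\Temp\svc.exe"),
    ("ImageLoad", "svc.exe", r"C:\Users\user\AppData\Local\Temp\helper.dll"),
    ("ImageLoad", "svc.exe", r"C:\Windows\System32\kernel32.dll"),
]


def correlate(events):
    """Return {signature name: [evidence, ...]} using the report's names.

    Dropped-file tracking is stateful: an executed EXE or loaded DLL only
    counts as "dropped" if a FileCreate for that exact path was seen earlier
    in the stream. That is why the kernel32.dll ImageLoad above is ignored
    while helper.dll is reported.
    """
    dropped = set()
    findings = defaultdict(list)
    for kind, proc, target in events:
        key = target.lower()
        if kind == "RegistryRead":
            if VBOX_ACPI_RE.search(target):
                findings["Identifies VirtualBox via ACPI registry values"].append(target)
            elif GEO_NATION_RE.search(target):
                findings["Checks computer location settings"].append(target)
        elif kind == "FileCreate":
            dropped.add(key)
            if key.endswith("\\desktop.ini"):
                findings["Drops desktop.ini file(s)"].append(target)
        elif kind == "ProcessCreate" and key in dropped:
            findings["Executes dropped EXE"].append(f"{proc} -> {target}")
        elif kind == "ImageLoad" and key in dropped:
            findings["Loads dropped DLL"].append(f"{proc} <- {target}")
    return dict(findings)


if __name__ == "__main__":
    for name, evidence in correlate(SAMPLE_EVENTS).items():
        print(name)
        for item in evidence:
            print("   ", item)
```

The ordering of events matters for the dropped-file rules, so feed the correlator a time-sorted stream; a ProcessCreate that precedes its FileCreate (clock skew, missed events) will not be attributed, which is the conservative failure mode for a detection.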

MITRE ATT&CK Enterprise v15

Tasks