General

  • Target

    9786cf1f32b8889fb82767e9ad866f52_JaffaCakes118

  • Size

    628KB

  • Sample

    240605-jnshfsah49

  • MD5

    9786cf1f32b8889fb82767e9ad866f52

  • SHA1

    8e55cd12f41efc9a9fb341aa25811a5decda2d1c

  • SHA256

    23a3f8d5fd270f2bc1b265679881ac81b318a66e2d4bab33a17b93a8aeeb86ea

  • SHA512

    b9cea70b34125051b75377b8b85eb899bdc54df7d32933774ee01f593e6607ee769e28289f94de5b9fed0a5c86872eb89ec36139fd2e05640da6d0f7c2ce59d5

  • SSDEEP

    12288:eL4MO+THTJZVyWW9Xl6nHZDQQXiPYURmjDAOu7Q944dc69:o4MO+Vx+M1OPoO7tGc69

Score
9/10

Targets

    • Target

      9786cf1f32b8889fb82767e9ad866f52_JaffaCakes118

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      Reads the ACPI table keys under the HARDWARE hive, where a VirtualBox guest exposes VBOX-prefixed table identifiers; a common sandbox-evasion check, so the sample may behave differently outside a VM.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence (execution gated on the configured locale).

    • Executes dropped EXE

    • Drops desktop.ini file(s)
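
The two registry signatures above can be reproduced from a process-monitor trace. The following is an added example, not part of the sandbox report: it runs simple signature rules over constructed Procmon-style CSV lines and attributes hits per process. The key paths (HKLM\HARDWARE\ACPI\{DSDT,FADT,RSDT}\...VBOX and HKCU\Control Panel\International\Geo\Nation) are assumptions about how these checks are commonly implemented; the report itself names no keys, and the process names and log rows are made up.

```python
"""Match the report's two registry behaviours (VirtualBox ACPI check,
country-code lookup) in Procmon-style registry events.

Added example, not code from the sandbox or the report. Log rows are
constructed; key paths are assumptions, not taken from the report.
"""
import csv
import io
import re
from collections import defaultdict

# Constructed Procmon-style CSV export (not a real trace of the sample).
SAMPLE_LOG = """\
Process Name,PID,Operation,Path,Result
sample.exe,4120,RegOpenKey,HKLM\\HARDWARE\\ACPI\\DSDT,SUCCESS
sample.exe,4120,RegEnumKey,HKLM\\HARDWARE\\ACPI\\DSDT\\VBOX__,SUCCESS
sample.exe,4120,RegQueryValue,HKCU\\Control Panel\\International\\Geo\\Nation,SUCCESS
sample.exe,4120,RegQueryValue,HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProductName,SUCCESS
explorer.exe,1288,RegQueryValue,HKCU\\Control Panel\\International\\Geo\\Nation,SUCCESS
"""

# (signature name, accepted operations, path pattern).
# Paths are assumptions about how the reported checks are usually done.
SIGNATURES = [
    (
        "Identifies VirtualBox via ACPI registry values",
        {"RegOpenKey", "RegEnumKey", "RegQueryValue"},
        re.compile(r"^HKLM\\HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\.*VBOX", re.I),
    ),
    (
        "Checks computer location settings",
        {"RegQueryValue"},
        re.compile(r"^HKCU\\Control Panel\\International\\Geo\\Nation$", re.I),
    ),
]


def match_signatures(log_text):
    """Return {process name: {signature name: [matching paths]}}."""
    hits = defaultdict(lambda: defaultdict(list))
    for row in csv.DictReader(io.StringIO(log_text)):
        # Only successful accesses count; a failed open is not a read.
        if row["Result"] != "SUCCESS":
            continue
        for name, ops, pattern in SIGNATURES:
            if row["Operation"] in ops and pattern.search(row["Path"]):
                hits[row["Process Name"]][name].append(row["Path"])
    return {proc: dict(sigs) for proc, sigs in hits.items()}


def triage(log_text, sample_process):
    """Summarise which of the reported behaviours one process showed."""
    sample_hits = match_signatures(log_text).get(sample_process, {})
    return {
        "anti_vm": "Identifies VirtualBox via ACPI registry values" in sample_hits,
        "geofence": "Checks computer location settings" in sample_hits,
        "signatures": sorted(sample_hits),
    }


if __name__ == "__main__":
    for process, sigs in match_signatures(SAMPLE_LOG).items():
        for name, paths in sigs.items():
            print(f"{process}: {name} ({', '.join(paths)})")
    print(triage(SAMPLE_LOG, "sample.exe"))
```

Note that explorer.exe also reads Geo\Nation in the constructed trace; the location lookup on its own is benign, which is why the rules are attributed per process and the report only scores it in combination with the ACPI check and the dropped executable.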
