General

  • Target

    97caca47cf5b3d5b38bf4db9d3168ce8_JaffaCakes118

  • Size

    664KB

  • Sample

    240605-lw48bscd5z

  • MD5

    97caca47cf5b3d5b38bf4db9d3168ce8

  • SHA1

    b9a54393bcc52b8713fdcbec11ef6d35bf848c39

  • SHA256

    158e520449365d18447b647a375a1298ab00c6d87be6cdf4585162e402735102

  • SHA512

    a20fac61fb2fe93ccdbb82fb7c5d52c25b23f979c5d0ae1057fe82f36a944b29be99c3845b963c850cfa0209b7868d2f954ef09999e9ec4a56a86cea604b5b3c

  • SSDEEP

    12288:YTf5y14kK0RuPZf1HW9Yui4IRYK2VO0X9bDIFVhB0ZJE+Xhs160:Wf5yCkqZf129YupJ9O0X9b0FVDqEcC13

Score
9/10

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used for geofencing.

    • Executes dropped EXE

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15

Tasks