General

  • Target

    97ca707c46fcb97dc9108140f0d2011f_JaffaCakes118

  • Size

    671KB

  • Sample

    240605-lwr8rsdc28

  • MD5

    97ca707c46fcb97dc9108140f0d2011f

  • SHA1

    631b3a80339bb26bbf298126162df49b118a7ead

  • SHA256

    054fa0cb0d06dc2a4ea59957361d955448e5ed86973d14ea1b246c77b8e0bb25

  • SHA512

    65061d9b1545dca4d38aff2fb5f3f9ef4313349975e2c92ee8a7d2cd6ecf47179b8cb6cfc90d3fa845d808e2b42a9e991ea4e3c99e9cb4b9f86d96e8de126584

  • SSDEEP

    12288:SZJ7G1zskWtP44444ItPZkTKpPwHb/dgusOlMLSTQNirbCfrL63:qJ7Uzj4yUo7Fdle8WIbCL63

Score
9/10

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15

Tasks