General

  • Target

    a794e995e667959fbfa99b59220953f0_JaffaCakes118

  • Size

    564KB

  • Sample

    240614-b33b7stgqn

  • MD5

    a794e995e667959fbfa99b59220953f0

  • SHA1

    042721a03ab136790ed306ca2bf9ce473746fb9f

  • SHA256

    644bfaedea1ac47b72e85ae16576502fb4382f6d7a9d23031d5d83c7f9d36e16

  • SHA512

    1cc51f14eff44dbd03568dd402ab7aa5fb7d5324e9711628149946f111d3585f910e4e0508b7b02d0f61b0a9370478f39dd95035368ab7fa116de445d661eda3

  • SSDEEP

    12288:cNEC2EhjTO5ApVsx4c7siJMKbSTu5eG3uAscMJUL:cNECjTLp8ZfUGNspUL

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
