Overview

overview

9

Static

static

3

b853e0277f...18.exe

windows7-x64

9

b853e0277f...18.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    b853e0277f72548519a3c1c44b94d859_JaffaCakes118

  • Size

    565KB

  • Sample

    240617-nebkssscrp

  • MD5

    b853e0277f72548519a3c1c44b94d859

  • SHA1

    3f150ddeb253fdaf6c9b1883d590afd540e3c059

  • SHA256

    3f0335cf2bdff9541704ceae43b55c3e435bd6447871bc8d9815583cf73fc425

  • SHA512

    808ed73ace073c17f7f099b98756c57c0e4792a6c7f132d5003b3d22df578fd8ec2f38f761449a99eb5a40c26f6d49bf4dc903102da8512020e1c6041d4128fe

  • SSDEEP

    12288:iRefc/d1X0TM60o+F91uGcsdM4AbKG7ec/Hdch+2OsRc:iRefe0Td0Z/PDCKaeCIxi

Score
9/10
evasion

Malware Config

Targets

    • Target

      b853e0277f72548519a3c1c44b94d859_JaffaCakes118

    • Size

      565KB

    • MD5

      b853e0277f72548519a3c1c44b94d859

    • SHA1

      3f150ddeb253fdaf6c9b1883d590afd540e3c059

    • SHA256

      3f0335cf2bdff9541704ceae43b55c3e435bd6447871bc8d9815583cf73fc425

    • SHA512

      808ed73ace073c17f7f099b98756c57c0e4792a6c7f132d5003b3d22df578fd8ec2f38f761449a99eb5a40c26f6d49bf4dc903102da8512020e1c6041d4128fe

    • SSDEEP

      12288:iRefc/d1X0TM60o+F91uGcsdM4AbKG7ec/Hdch+2OsRc:iRefe0Td0Z/PDCKaeCIxi

    Score
    9/10
    evasion

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks